www.patpaynter.com Open in urlscan Pro
38.54.164.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://patpaynter.com/
Effective URL:
http://www.patpaynter.com/
Submission: On March 03 via api (March 3rd 2022, 8:12:30 am UTC) from NL — Scanned from NL

Summary HTTP 226 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 226 HTTP transactions. The main IP is 38.54.164.113, located in United States and belongs to PEGTECHINC, US. The main domain is www.patpaynter.com.

This is the only time www.patpaynter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	38.54.164.113 38.54.164.113	54600 (PEGTECHINC) (PEGTECHINC)
1	112.34.113.148 112.34.113.148	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
2	136.0.141.3 136.0.141.3	18779 (EGIHOSTING) (EGIHOSTING)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
28	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
26	2606:4700:303... 2606:4700:3030::ac43:b6cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	136.0.141.5 136.0.141.5	18779 (EGIHOSTING) (EGIHOSTING)
10	103.170.15.53 103.170.15.53	7483 (NETPLUS-A...) (NETPLUS-AS Hongkong Telecom Ltd.)
4	45.61.212.143 45.61.212.143	53587 (AZT) (AZT)
5	103.170.15.113 103.170.15.113	7483 (NETPLUS-A...) (NETPLUS-AS Hongkong Telecom Ltd.)
5	45.61.212.60 45.61.212.60	53587 (AZT) (AZT)
4	45.61.212.188 45.61.212.188	53587 (AZT) (AZT)
4	121.14.45.19 121.14.45.19	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	154.23.245.118 154.23.245.118	395886 (KURUN-AS-) (KURUN-AS-)
15	121.14.45.23 121.14.45.23	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
4	121.14.45.22 121.14.45.22	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
4	221.231.83.250 221.231.83.250	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	2408:4001:f00... 2408:4001:f00::2f	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	47.246.136.160 47.246.136.160	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
226	21

4 38.54.164.113 (United States) 1 redirects

ASN54600 (PEGTECHINC, US)

patpaynter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.patpaynter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.34.113.148 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.0.141.3 (United States)

ASN18779 (EGIHOSTING, US)

136.0.141.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

klx20.zhgm1jglhk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tnlapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3030::ac43:b6cf (United States)

ASN13335 (CLOUDFLARENET, US)

tb.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 136.0.141.5 (United States)

ASN18779 (EGIHOSTING, US)

www.gg123456789gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.170.15.53 (Taiwan)

ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW)

ue3jfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.61.212.143 (United States)

ASN53587 (AZT, US)

tujzac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.170.15.113 (Taiwan)

ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW)

8889357.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.61.212.60 (United States)

ASN53587 (AZT, US)

zndymj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.61.212.188 (United States)

ASN53587 (AZT, US)

zigqnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 121.14.45.19 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

yd.yuanqitu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.23.245.118 (United States)

ASN395886 (KURUN-AS-, US)

data.wssh188.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 121.14.45.23 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

g.ns-zhy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tp.dsdjclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 121.14.45.22 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

yd.gxdianhua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 221.231.83.250 (Dongtai, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

s4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2408:4001:f00::2f (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z3.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.136.160 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	gg123456789gg.com www.gg123456789gg.com	1 MB
26	learning8808.com tb.learning8808.com	25 KB
20	tnlapp.com tnlapp.com	14 MB
10	dsdjclub.com tp.dsdjclub.com — Cisco Umbrella Rank: 704702	323 KB
10	ue3jfw.com ue3jfw.com — Cisco Umbrella Rank: 836974	3 MB
8	zhgm1jglhk.com klx20.zhgm1jglhk.com	61 KB
6	cnzz.com s4.cnzz.com — Cisco Umbrella Rank: 40603 Failed c.cnzz.com — Cisco Umbrella Rank: 21986 z3.cnzz.com — Cisco Umbrella Rank: 46381	10 KB
6	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 62785 hm.baidu.com — Cisco Umbrella Rank: 8656 api.share.baidu.com — Cisco Umbrella Rank: 46750	29 KB
5	ns-zhy.com g.ns-zhy.com	4 KB
5	zndymj.com zndymj.com	3 MB
5	8889357.com 8889357.com	3 MB
4	gxdianhua.com yd.gxdianhua.com — Cisco Umbrella Rank: 660871	8 KB
4	yuanqitu.com yd.yuanqitu.com — Cisco Umbrella Rank: 725036	24 KB
4	zigqnx.com zigqnx.com — Cisco Umbrella Rank: 335117	1 MB
4	tujzac.com tujzac.com	743 KB
4	patpaynter.com 1 redirects patpaynter.com www.patpaynter.com	4 KB
2	mmstat.com cnzz.mmstat.com — Cisco Umbrella Rank: 20574	637 B
1	wssh188.com data.wssh188.com	5 KB
226	18

	Domain	Requested by
100	www.gg123456789gg.com	klx20.zhgm1jglhk.com
26	tb.learning8808.com	klx20.zhgm1jglhk.com
20	tnlapp.com	klx20.zhgm1jglhk.com tb.learning8808.com
10	tp.dsdjclub.com	klx20.zhgm1jglhk.com www.patpaynter.com
10	ue3jfw.com	klx20.zhgm1jglhk.com tb.learning8808.com
8	klx20.zhgm1jglhk.com	www.patpaynter.com klx20.zhgm1jglhk.com
5	g.ns-zhy.com	tb.learning8808.com
5	zndymj.com	klx20.zhgm1jglhk.com tb.learning8808.com
5	8889357.com	klx20.zhgm1jglhk.com tb.learning8808.com
4	yd.gxdianhua.com	yd.yuanqitu.com
4	yd.yuanqitu.com	tb.learning8808.com
4	zigqnx.com	klx20.zhgm1jglhk.com tb.learning8808.com
4	tujzac.com	klx20.zhgm1jglhk.com tb.learning8808.com
4	hm.baidu.com	www.patpaynter.com klx20.zhgm1jglhk.com
3	www.patpaynter.com	www.patpaynter.com
2	cnzz.mmstat.com	klx20.zhgm1jglhk.com
2	z3.cnzz.com	klx20.zhgm1jglhk.com
2	c.cnzz.com	s4.cnzz.com
2	s4.cnzz.com	www.patpaynter.com klx20.zhgm1jglhk.com
1	data.wssh188.com	tb.learning8808.com
1	api.share.baidu.com	www.patpaynter.com
1	push.zhanzhang.baidu.com	www.patpaynter.com
1	patpaynter.com	1 redirects
226	23

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-12` - `2023-02-12`	a year	crt.sh
*.learning8808.com E1	`2022-02-19` - `2022-05-20`	3 months	crt.sh
www.gg123456789gg.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
ue3jfw.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-25` - `2022-12-25`	a year	crt.sh
tujzac.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-25` - `2022-12-25`	a year	crt.sh
8889357.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-11` - `2022-12-11`	a year	crt.sh
zndymj.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-11` - `2022-12-11`	a year	crt.sh
zigqnx.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-11` - `2022-12-11`	a year	crt.sh
yd.yuanqitu.com TrustAsia TLS RSA CA	`2022-02-24` - `2023-02-23`	a year	crt.sh
data.wssh188.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
g.ns-zhy.com Encryption Everywhere DV TLS CA - G1	`2022-01-26` - `2023-01-26`	a year	crt.sh
yd.gxdianhua.com TrustAsia TLS RSA CA	`2022-02-25` - `2023-02-24`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-11` - `2023-02-12`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh
tp.dsdjclub.com Encryption Everywhere DV TLS CA - G1	`2022-01-01` - `2023-01-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.patpaynter.com/
Frame ID: 30AE6052EF357EBA893A47875BF62F08
Requests: 10 HTTP requests in this frame

Frame: https://klx20.zhgm1jglhk.com/
Frame ID: 8D8FB0F2B155DA55211AE59148A4E8A2
Requests: 105 HTTP requests in this frame

Frame: https://klx20.zhgm1jglhk.com/
Frame ID: 013D06CD0E91DE56C020DA086F4D2B3D
Requests: 111 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

江苏笆拍食品有限公司江苏笆拍食品有限公司

Page URL History Show full URLs

http://patpaynter.com/ HTTP 301
http://www.patpaynter.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Page Statistics

226
Requests

96 %
HTTPS

15 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

27607 kB
Transfer

28005 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://patpaynter.com/ HTTP 301
http://www.patpaynter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

226 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.patpaynter.com/
Redirect Chain

http://patpaynter.com/
http://www.patpaynter.com/

3 KB
1 KB

646ms
170ms

Document
text/html

38.54.164.113
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Server: 38.54.164.113 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8490e5a5cd9563cff60392302418ce3fcd2c277b1c749f169b348b4b38c10276

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx
Date: Thu, 03 Mar 2022 08:11:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 03 Mar 2022 08:11:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.patpaynter.com/

GET
H/1.1 200
OK common.js Show response
www.patpaynter.com/ 4 KB
2 KB 163ms
163ms Script
application/x-javascript 38.54.164.113
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.patpaynter.com/common.js
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Server: 38.54.164.113 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: b4972e95543db893a0f079204e0c071a3dd38830f9087b735adad2f376d2ef29

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:11:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.patpaynter.com/ 396 B
552 B 314ms
157ms Script
application/x-javascript 38.54.164.113
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.patpaynter.com/tj.js
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Server: 38.54.164.113 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: e02c6ae377976ea076855b3fdecf419fa5f5584ce8a7da9b9edc510b9fe912ca

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:11:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 396
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 878ms
300ms Script
text/javascript 112.34.113.148
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Server: 112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:11:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Fri, 03 Mar 2023 08:11:59 GMT

GET
H/1.1 200
OK tianbi-common.php Show response
136.0.141.3/ 70 B
536 B 314ms
157ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/tianbi-common.php?val=tianbi1&t=0.39661457627204366?v=0012174983160470276
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: b4222a7fa46c82fcbdc0f490e59144f40e71aa4ddfc452f50a40da1d53dc7b2f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:11:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK tianbi-common.php Show response
136.0.141.3/ 70 B
536 B 471ms
157ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/tianbi-common.php?val=tianbi1&t=0.42813110866584747?v=03134841019194665
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: b4222a7fa46c82fcbdc0f490e59144f40e71aa4ddfc452f50a40da1d53dc7b2f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:11:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET z_stat.php
s4.cnzz.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 37 KB
14 KB 1314ms
649ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b612079d928e97fce7171ee79868a9fe

Requested by

Host: www.patpaynter.com
URL: http://www.patpaynter.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

67651e716604cbfc0a227caef15b468e239be03075e7fb69aaea8cdb7cdbd30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:00 GMT
Content-Encoding: gzip
Server: apache
Etag: a3dd0de2a1b45d4496cc813caeef4d44
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13738

GET
H2 200 / Show response
klx20.zhgm1jglhk.com/ Frame 8D8F 36 KB
7 KB 814ms
581ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3510d2088a921a15d67f6f89d7e3f9a8d329e71403d5734e479a78445f43f51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O%2FGqAeVXG25NBCyPisAdHfh7qBpN7gTCB9FPQJxMuge7h2Q1%2FCW3wotxWDV3yxxBykG%2F7Y472xWboCsVgQifFXigTdhdf3oGVg%2FYripKcGB8C%2F0of%2FXwtyzjOBTZz6XIyuZMhB0bmyCoSMjlkO5buk%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e60e792595b9b8c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
klx20.zhgm1jglhk.com/ Frame 013D 36 KB
7 KB 680ms
604ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3510d2088a921a15d67f6f89d7e3f9a8d329e71403d5734e479a78445f43f51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iLzQyiqHvqYZrRbHBANIHPW%2FsrAXEMiJVSxpNcwqRvubs1OngnTt0pCelBBBnTmUVTclhuDgPgA4ihYr%2F%2Fila4ufxaHP4p6ryTbfLH%2FtZOoKrl6GuxP4k9R8tQOliAPzpsEmJVOTh%2B8tso1j8VEnnRN1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e60e79269609b8c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1467ms
247ms Image
text/plain 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.patpaynter.com/
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:01 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 ate.css
klx20.zhgm1jglhk.com/template/m1938pc/css/ Frame 8D8F 74 KB
5 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nnj79OPSt8dyYuLNp8twPlJ5u7GVx70qJi0YP%2BqzQqiVPKdn5CTXbbKUGVCHAHywjZdwUF%2FJLZaeeoXzY4Q97RdBcHkr6I1AVOHM%2BRElA3mitxqYzH%2Fxb6Yeq8cRv1TfY4eFWGOUKt2VKtOGud0eYgVuDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6e60e796193f9b8c-FRA
expires: Thu, 03 Mar 2022 10:08:22 GMT

GET
H2 200 zui.css
klx20.zhgm1jglhk.com/template/m1938pc/css/ Frame 8D8F 84 KB
16 KB 34ms
33ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-14f36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iml0KWB6omxLJ%2Bm%2FEjyXaSMWqSdLfXKGoWdD%2FHGjoUzZMbGArXNPHpkWt%2Fed%2BLGIFgJDUwy11Yke1XciI6V8DzsrZ9DBgnFhIvWhgmnD5zGjv8wBKMIHUhBeKZG5V37ZGykAEPutTf3WHG5yvzwotOYO1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6e60e79619409b8c-FRA
expires: Thu, 03 Mar 2022 10:51:20 GMT

GET
H2 200 xx1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 2 KB
1 KB 422ms
30ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987f2137f8b591976b62f9fa502891f8a39c3e356397e6daf648ec2ca07f3222

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:28 GMT
server: cloudflare
etag: W/"621f0c70-9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI7B6EOYNGoIYS2qf%2B9F6P%2F9omAP6UHPhMWGq5O%2FlWpkcvwtwnYrekPCTRgvVteNthU4Mmo%2BksFkmxT2pgepxXYqhmVYCYNQT%2BnpUFZkJNs2v2LGXqO9lheTdlST5xUomtTN08eY7tVxppvh6%2FnFv5xs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ebc9c04-FRA
expires: Thu, 03 Mar 2022 11:22:40 GMT

GET
H2 200 dh1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 2 KB
813 B 424ms
33ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824978c1e05651e88e9d4ded7b204b6fef723b16a09ca46d49df0944e67f461

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27952
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Feb 2022 10:42:04 GMT
server: cloudflare
etag: W/"621ca6fc-67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP6HY939uQNhiD4bkIOw%2BsFWnssN0kk%2F%2BjETrNhwVzTmvM28femPfcHUHkxyPMuSBroaS4CTHJ%2Fj7L%2FYwKFzhNtdJsasDOnHoRx8O5LEbksQNPmQqns7g06nRKzNo4ZWwX7xQamg8266fbZWMSxX6i8m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ebd9c04-FRA
expires: Thu, 03 Mar 2022 12:26:08 GMT

GET
H2 200 dh.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 10 KB
1 KB 422ms
31ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1cb4b7a1265c00c0f30a10a2a13bda68f73b45b7a74bf057630048f7635419

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-2968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20Q%2BhSpmVYOptd2VfQj5xLPzKTThKR1Z9EndsH%2FhA85JjXUjZl%2FdA%2BxqwOE6%2B4k9cmt7CdIsLWUinZ5TiCtktLayAjkzh70pVHA9RF7PfPN5nuhmkRL%2B1nNZw%2FYFtN4AMvi%2BIgHupLoDhC8X6MQaK9t%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ec09c04-FRA
expires: Thu, 03 Mar 2022 11:45:15 GMT

GET
H2 200 xx2.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 3 KB
1 KB 420ms
29ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69fe2ac490282aba84cc32a1fc3b2a7fa8aa6279b47c01a786d577689356b26a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:50 GMT
server: cloudflare
etag: W/"621f0c86-c36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsS%2BvJk80t%2FI7GY7BNtx9B4kVKRtSxfE11KMowZs%2BS5fyWnjw%2BYbn4%2FzZRV103nTBMgh1niy1uyVGCi9v5Lvj1jKQnKQPpKU13%2B%2BGSLzsN0YH3rloOGLqJqR0vR9nO7AV9Kjt%2F3Z2xNDsyDAd7iIORD0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ec29c04-FRA
expires: Thu, 03 Mar 2022 11:45:15 GMT

GET
H2 200 250.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1015 B
644 B 421ms
30ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/250.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c230f6dda34920befd8af6152775b9399695744c3bb49940c3b26691578fcc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RV0wviFmATIrT3xJE86q8V6hEmyXI77LEtGhfV6JvBJ98aR3JgMMyzF0gb7onqP6aqjR9gzVLXm%2Ft5zDxCOd2foYRRhrgjl07%2FWBdYAgM9hINmwG9S2GyegQXGaGfV0yrZp4Hgq5xwk%2FuCV7BJuOwnH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ec59c04-FRA
expires: Thu, 03 Mar 2022 11:22:40 GMT

GET
H2 200 ea63a3847b4b7cff24da8b05aeb51b41.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 613ms
300ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ea63a3847b4b7cff24da8b05aeb51b41.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2818de9df2e84a4f89cd2a5e4a9b01f900a41abbe42f30ce795f8f512b0aec14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:48 GMT
server: nginx
etag: "621fc5e8-24c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9415
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1930e186e1fbee757fe8d73f901c7125.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 8 KB
8 KB 613ms
301ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/1930e186e1fbee757fe8d73f901c7125.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ec72edc31a8bc63696e1735bc67738452ec07e8b03e5e3c231914adfcf2d59b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-1fa5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8101
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 be471cee3e14f9776b7780b18b2604bf.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 614ms
302ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/be471cee3e14f9776b7780b18b2604bf.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77f94808c4a06864e707d1c5127b7e2a8fe32188835a3b4e69b791d54d87b25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-23bb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9147
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ee8bb3389f2c1dd2304cfec9fbeb2179.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
15 KB 763ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ee8bb3389f2c1dd2304cfec9fbeb2179.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a2bb285b36f13b7b8db05efb01aca92aaca6f421c41f79c5fda7aa79a42bf6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-3997"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14743
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b5cfc501f269a23b71ac228d1860be18.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
10 KB 764ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b5cfc501f269a23b71ac228d1860be18.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e4c7bb3eff1a893b389887fea57f643a0fe29324cd90d3cd28ef03c9e82b1858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-272d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10029
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 9f8ac5bce5d6b19051c8675f03b8db5b.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
11 KB 763ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/9f8ac5bce5d6b19051c8675f03b8db5b.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6bbc3999ad9e1210bd5df9fc4fa82a68a6d8943651a5359fb3374b4863351171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-29fd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10749
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ba3144412480259efb44f127121e3642.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 13 KB
13 KB 352ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ba3144412480259efb44f127121e3642.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4f5a4ccfc76ba88ee5137d66be94d473a9d1063a49b90b37aa01c8d1fb83eec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-3285"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12933
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 04cd61406226d7aa241625f919f0230f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 353ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/04cd61406226d7aa241625f919f0230f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

685f869567b7545ec731df077a42e0bda8fbb6191a8490052764160e7990d03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-2e5b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11867
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4563dcfbcaef70d1d7e5330573a21c2d.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
10 KB 353ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4563dcfbcaef70d1d7e5330573a21c2d.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a2d53d3ef2f1635760e7446235542b945d8f0df2d95b3ab535129b0b32199deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-2655"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9813
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4a2f5b03c1ab697f5881022d96a7ab60.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 353ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4a2f5b03c1ab697f5881022d96a7ab60.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

14380270398b6ab5a64a3c2ca7e3bd85bceb8f34f61e92147c89e55972f6f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:43 GMT
server: nginx
etag: "621fc5e3-2f57"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12119
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 251.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1013 B
711 B 434ms
46ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/251.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d9c97e960ea624115f37b50d82d86a168a5a866702656fd70aac7955ace5e4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9wAVYdBwkZ4kt6JD%2BLSb6LtzZ%2Fe8Cc2UbuI9%2FaYERnBtSG3EfEWM2ct3sF%2BRkry6afFW7vhbcb%2BGTGMm1kgFEVBHjqif1j5pAttoWDVz91Cnl7Z2YlMbyGIjURvLFdp5yHqMQiCHXqgyorwW3kj%2B0iT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e798af0a9c04-FRA
expires: Thu, 03 Mar 2022 11:45:18 GMT

GET
H2 200 018b747f2a4bd213177d1ad1c3425814.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 11 KB
11 KB 353ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/018b747f2a4bd213177d1ad1c3425814.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6bd538fb6e84fca951672a58265f9d0dfdd16f714b37ca516b8a365cf9421b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:17 GMT
server: nginx
etag: "621a5599-2cb0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11440
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 15465c391de8726ff720db7ef832e4ed.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 10 KB
10 KB 353ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/15465c391de8726ff720db7ef832e4ed.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

34828087dc10669f0fddd44df9e4b7eeacbc9d01c9e42955cae08ed3a238e79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:15 GMT
server: nginx
etag: "621a5597-264f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9807
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1c4f84ecaa4076e3a978f72ff7187ea8.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 10 KB
10 KB 353ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1c4f84ecaa4076e3a978f72ff7187ea8.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2c9a782076cff43d1f21b6793d40feee1292200b0e1b748abf86292e92604764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:13 GMT
server: nginx
etag: "621a5595-266a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9834
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 6328f4f1162faf2661a603cdb12d271c.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 8 KB
9 KB 353ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/6328f4f1162faf2661a603cdb12d271c.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e68fd3347698d703093244a4201c23c9314d4a4be7cdd1f00736115ca4c30b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:14 GMT
server: nginx
etag: "621a5596-2173"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8563
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1c95c20c3b94a60d0624d5b084535cac.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 11 KB
11 KB 354ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1c95c20c3b94a60d0624d5b084535cac.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4f57f813f72ae2287bef8bf7c9c334e8912eea509a73dce143d816994b2cb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:13 GMT
server: nginx
etag: "621a5595-2a8a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10890
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1eda651724d4185f05b2d7cbf4626214.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 9 KB
9 KB 354ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1eda651724d4185f05b2d7cbf4626214.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1a4d5f449b1c0a4ea0350b7fa99cb17121079bfa1714e805188b463484d2bc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:11 GMT
server: nginx
etag: "621a5593-2359"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9049
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 468be10368781a1556e26e1f74fd0c77.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 8D8F 8 KB
9 KB 354ms
347ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/468be10368781a1556e26e1f74fd0c77.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

7743b20de9f21d13b507bc29ae259c25a0be059e77d796ba72e1b3a7e510a100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:08 GMT
server: nginx
etag: "621a5590-2167"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8551
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 6f21a1529ee178040fefd9efc08637cd.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 8D8F 5 KB
5 KB 354ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/6f21a1529ee178040fefd9efc08637cd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

162eb757b36e448c19ba5475bf1f616fe13b33b0db1f030b9c816182c0710ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:07 GMT
server: nginx
etag: "6219829f-14b6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5302
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 0743417c3d68d8e872198f2a9d1eca30.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 8D8F 10 KB
10 KB 354ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/0743417c3d68d8e872198f2a9d1eca30.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

80a8fa2d4d86821b69dbdea7808a928f21b74fbff18f9074fa788f828b2288a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:07 GMT
server: nginx
etag: "6219829f-260a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9738
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 374ab48726835d75a83e6d83766e1fca.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 8D8F 10 KB
10 KB 354ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/374ab48726835d75a83e6d83766e1fca.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d5363b8fcdd964b113a00267225a5057093bf50624ef769fc30d4c3cbf6dd433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:08 GMT
server: nginx
etag: "621982a0-2680"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9856
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 252.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1013 B
931 B 76ms
30ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/252.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497c49eb891c9b30be1f4268a1747032241ff5faa3bda79cf268e4f2f4046539

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyZDFE7MP0oHvUY7gSv6dRo042k5cEscByCjsufHvVL1gxGz32j65sgzcDEnhNhsfv%2FkqGxCoGtuDEfO7E6qagNcNU3ysVUNjs6CoSAjkP928zQAiC0BDT6rfAAFxES7exdeXt5wXSXhF8nlMBveZ2ac"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908df918c-FRA
expires: Thu, 03 Mar 2022 11:22:43 GMT

GET
H2 200 98a6ec61df8dca799e46489b342f206f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 8 KB
8 KB 354ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/98a6ec61df8dca799e46489b342f206f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

408cf82d77e42f25d4b635cc4cb4502f3de6699503f61df80346da479023a485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:58 GMT
server: nginx
etag: "621fc5f2-2125"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8485
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 338b1b88a83b69635b77319992538ebb.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
11 KB 355ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/338b1b88a83b69635b77319992538ebb.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b9c8d72d1f4e1d46ed86f48c19c43a7c56e9977fb495bb27eb0d77fc5869a72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-295c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10588
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4061b58417b84be1ea3b0b8612c2469a.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
11 KB 355ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4061b58417b84be1ea3b0b8612c2469a.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

07f837fc87342ae40c7d1c763f14cf91e041193daabfea0a241e2a74f0f39fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-2979"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10617
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 398e657c5f5e9ac53a6118e15ab36927.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
10 KB 355ms
348ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/398e657c5f5e9ac53a6118e15ab36927.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

002d24c6abf2015d2635bb9e51812ba5906284d568e3f15b741eeee49400dbb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-27aa"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10154
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 e3591549ae9dc6fbbb5457d874e57d31.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
10 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/e3591549ae9dc6fbbb5457d874e57d31.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d484a55336729e37b21d8e083654895c7f457831117a9b69ffd780c0c033801d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-2708"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9992
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 84066e265432a177401434c7d4d6c68d.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
13 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/84066e265432a177401434c7d4d6c68d.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3689e99467f7bc5ca6378b99e4cf45893ad611d2ac5e2f763030d81b595e8b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:56 GMT
server: nginx
etag: "621fc5f0-3153"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12627
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 cdfca48d2130416c72a2b315fd928f52.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 7 KB
7 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/cdfca48d2130416c72a2b315fd928f52.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b4276ffae8e95780a5d0d36a3096544b9b1ba58e448f71dcf8568f5e60270ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:56 GMT
server: nginx
etag: "621fc5f0-1d1c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7452
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 99e5ba3383288cd25db27102b28fee7a.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
15 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/99e5ba3383288cd25db27102b28fee7a.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b93d6f671db8d0002d845adc37ccd7a3b46906ff323ae836c7308187d4bb0081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:54 GMT
server: nginx
etag: "621fc5ee-3978"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14712
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 d9ecf404da3f773eb31aca5bd29c0d45.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 11 KB
11 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/d9ecf404da3f773eb31aca5bd29c0d45.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

48154269d74debd70b5ac1bd8e4cf2376b34eaaf46acecfc47382b53b81944bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:54 GMT
server: nginx
etag: "621fc5ee-2c6e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11374
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 d1e459866a2b3441b05afc22a12643e9.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/d1e459866a2b3441b05afc22a12643e9.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

358ac7b26cf694cc28386d67ee604bc6e6ad967ad6c9339c134881ed68dc194f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:53 GMT
server: nginx
etag: "621fc5ed-2391"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9105
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 253.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1013 B
936 B 77ms
31ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/253.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0708d845c6f401e7444edb72d135f1ed22c2ef23b3be2e732c3d49265da06adb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hFz8%2FGLr59hUHtKQ%2B1HRlmuzNfLXQAikgoEXzY8TKnDDvtpBstLmXF1pYVqQfADMEJJOh8l8BOFKQ4QIfGhnKMRtKo2ZNL72Bnv0kCgSVBb5bfI5JCkbCIJOC%2BT6bIMM6xQ5FBFmMfi61C9IZ0em8pB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e0918c-FRA
expires: Thu, 03 Mar 2022 11:22:43 GMT

GET
H2 200 a49f3101baaf4f1585af3f3ae5c78c61.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 8 KB
8 KB 355ms
349ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/a49f3101baaf4f1585af3f3ae5c78c61.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

cf2e6bcbbb91f5d53e33e3232e7a7f623861b1af444463accc94a998711b68e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:27 GMT
server: nginx
etag: "621fc5d3-20ab"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8363
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 22911704abaf5fe3cff6b0bb5045edef.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/22911704abaf5fe3cff6b0bb5045edef.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5349915475432a1fb7e3654fe4204a34160c83464cba25232c1756eb803d310e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-23cd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9165
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 14fd3a162a777b33e7070731ef70342e.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 10 KB
11 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/14fd3a162a777b33e7070731ef70342e.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35c7159b5d4851e6d7228f5f813b2f7a393f22fc56d3ea6ac50147a988bf45ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2954"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10580
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 3baf93cf8e54472f7815d16a63cb2252.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/3baf93cf8e54472f7815d16a63cb2252.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

04ce452cceeb517dc943056bec210aa1b81385ded72221d0e378724de872f054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2461"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9313
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 f0b5b374432c5f1ed5854f0e2bd23936.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/f0b5b374432c5f1ed5854f0e2bd23936.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e72a4a39a2600ab1eab7c4a7ee519860b6d02d47d76b092809ab1f2260be570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2e7d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11901
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 da5a6a9a8945fe30666a1a9ab33268bd.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 11 KB
11 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/da5a6a9a8945fe30666a1a9ab33268bd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ed4bd823d3b3819a9a510d8d36a059babf366aa3bc319bc822ecf1d152609cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:24 GMT
server: nginx
etag: "621fc5d0-2a95"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10901
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 635b7e84822d19563662360adf10f948.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/635b7e84822d19563662360adf10f948.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

16c979054735f846511546676d96e89ca253fd16b20119f020b8c2bb1c47d121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-24c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9409
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 081d44c9713519996d0f76606144f1a9.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
14 KB 356ms
350ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/081d44c9713519996d0f76606144f1a9.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

83d794d71bf8d7f055794090c65433f0fca50f4f50501f81c53397157deffbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-3743"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14147
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 f400baf048c1925fa03967db72b31b7f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 15 KB
15 KB 356ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/f400baf048c1925fa03967db72b31b7f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3eff7ed01c8983e93d1fa9130a30df54d27df1f61556fce934a1fa9926cc9122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-3c81"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15489
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 14d61f92ef2fdce77fd46d1920a49f86.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 357ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/14d61f92ef2fdce77fd46d1920a49f86.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b7967b2d61846d83a5dc500c9eb7e904c94f0044e19888651396cd0f853bb466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:22 GMT
server: nginx
etag: "621fc5ce-223a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8762
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 254.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1014 B
934 B 77ms
31ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/254.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0471feaca519c1740ed8d5633e0414f94d1848afabf1aa0cdaa7ad3151ded26

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4bB1RXQqhCQanJpLoiwj088d41td5xGeSZDJ2iBtE1KAJmY7%2BmkB1SIcddN8XzXRU4usF16KxPHXPeLK2VQdYOp2QmJk8krRm9V3eJDXKMuI3F80PUkF4UAVWd%2FE8hP5Z62M9MfKvGQY2zTT1LVNTYN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e1918c-FRA
expires: Thu, 03 Mar 2022 11:45:16 GMT

GET
H2 200 4cfc2dfa122e8eca701b5c8c388ed1ac.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
15 KB 357ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4cfc2dfa122e8eca701b5c8c388ed1ac.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

141da6ff07f20ba1dae3b137ffa4e2240c92282425b42593d75ae887863c1a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:28 GMT
server: nginx
etag: "62206e94-39e3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14819
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 e14d9090823e92160bb9ff9eb02f2cb4.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 357ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/e14d9090823e92160bb9ff9eb02f2cb4.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8a57cb4e5eaf240ac84ebe10388f3a6e411b794f9f16beb91482a5d5507cced1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:15 GMT
server: nginx
etag: "62206e87-2e8b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11915
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4ddcf4852c94300ba7d98fdbd6c56ecb.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 11 KB
11 KB 357ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4ddcf4852c94300ba7d98fdbd6c56ecb.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

38ddb9ef6824c9e44d10365eda55c758628e6784d894156c5cf92c9b8911fb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:15 GMT
server: nginx
etag: "62206e87-2ca6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11430
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 fbda88cafff5bd9bbe6fd10442365dcd.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 357ms
351ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/fbda88cafff5bd9bbe6fd10442365dcd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

9fdf0799d9951ff180d5cf6efa7531a8ad7964418ca6b629df7b2a219241708b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:07 GMT
server: nginx
etag: "62206e7f-3069"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12393
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 22b61cfc771fa5f7958558f259591f78.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
14 KB 357ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/22b61cfc771fa5f7958558f259591f78.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e4f33d56d98a54214716e3903e170ab014f1ef1302ae8ffa27b4f877d1c1b43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-370d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14093
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 284e9bd54258b16ac20f901a02264740.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 11 KB
11 KB 357ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/284e9bd54258b16ac20f901a02264740.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fe6442924d9052e9db966a454172290c50beb894c8a4e47db1bbf2ab9fcf2cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-2d0c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11532
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b06a4ab4982de161b435363857523ce1.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 14 KB
14 KB 357ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b06a4ab4982de161b435363857523ce1.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a7140b4e4fa2574239ba8d00d9dae1931712e522f0932dd30fcf8b8e381df4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-376d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14189
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b1edb0f591a1b94f48093350280601c2.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 13 KB
13 KB 358ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b1edb0f591a1b94f48093350280601c2.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1a6e208486b4667a6fdb058184c1bdf230e0042c7ce579d614a0dca8c0a46852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-32a7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12967
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ff99468a31aba79ea425892bec0f5b71.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 12 KB
12 KB 358ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ff99468a31aba79ea425892bec0f5b71.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

78aa39b3ce76afad2c528a380fbe6835f2f3075bdbb41faa31afdd0fa984ba0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-2eed"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12013
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 a17202108f9980726a71e2556774bef6.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 8D8F 9 KB
9 KB 358ms
352ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/a17202108f9980726a71e2556774bef6.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c87baf1a5a8f73165ad1bf8f1396c8ab992e6091474efb11a2b664c5932d25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:43 GMT
server: nginx
etag: "621fc5e3-234c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9036
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 wz.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 424 B
851 B 77ms
31ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/wz.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd3cb172962051a67ac8b86973659cf2bbfa0ff970b0767fa6eb073464f3e08f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-1a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kWNTZJ9pCkTiGlns51mo0ISL2YHrVlaHUBZnI5iMNZtU3j00H76yNK3XP18n%2B2sZiqP5MkSpn40SInbni7PzRGKTswptD4f0wHFjclq%2FtA2q9g8owGO3DKFIVQDApmjvH6tw%2BFtUlEGkX8%2FWQfMQgR8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e2918c-FRA
expires: Thu, 03 Mar 2022 11:45:16 GMT

GET
H3 200 wz1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 441 B
877 B 78ms
33ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/wz1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16061291fde455f895453dfe0d93bd614bec4bd56f9612757e15b60f737d7795

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-1b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpBaSzgmoxSzkEz3aTAMEJ7TV%2BxZBTrUcAUxox58PPI1dyza%2BRNrHMDlw3lkGaUr9k8yfAa5FrVxWeWS6NO1X9lHJdKqBjVCqu4pL2z0YWLA2L9JU%2FxIO6TzuYQ98mZ0ErDC%2FkRNOlMukGfHywuyIQ%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e3918c-FRA
expires: Thu, 03 Mar 2022 11:22:46 GMT

GET
H3 200 xx3.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 2 KB
1 KB 79ms
33ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d47150bf44841c5cf6cdd90fc794f393cb0dfc8060f727c217d1913b8ca2cb7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:55 GMT
server: cloudflare
etag: W/"621f0c8b-7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxXMKZ4%2FoFi50l9TOSyuA7HWVKRMcz8jStI6%2BXXYhsedIt5sK8%2BXR7INGV%2B1JNpMCc1c%2BOqL6ng0%2BOlb%2BfLh%2FPWNJZESc66PTVU7N84Gs3oIRoNYsjz1KFGm4gcPUuXey1Qe8Hgj78uPPn2hBMqebWWA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e5918c-FRA
expires: Thu, 03 Mar 2022 11:22:45 GMT

GET
H3 200 foot.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 8D8F 1 KB
1 KB 81ms
35ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/foot.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b69a21942a9270c3bb3db017821ef68fc752655d4f25656be3752ffd7fb733

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Dec 2021 06:07:37 GMT
server: cloudflare
etag: W/"61c01da9-44d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAYD7dKv3XWRlAvpG3DNfqGjBm%2FQcPoFf45bUoKEGk5lvPFGg3oDxLaBi5PvI6Y5LwsHwXwNTvbiNuZkGD1RuBd88bYZlV2hNhdCKuxsmthq%2BXJpiX8E75nIksL2Ys4OHLJz%2BACpM%2B%2F2mdb5dsJNt270"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e6918c-FRA
expires: Thu, 03 Mar 2022 11:22:45 GMT

GET
H2 200 ate.css
klx20.zhgm1jglhk.com/template/m1938pc/css/ Frame 013D 74 KB
5 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6icDmC7aQDwnGxXvLHvQWUi%2F8%2BBEFFJtYJmeQt4rgE8rIPLyI4Ig9Nt2tAaG4HjsFC8kE0u13NSSMkcyOyQ5TOswRrljsbyTIq9ivzJcumW8uuPFkpFcyFW3lKmvl9Q3sOHI6eTc45KSK8T3%2BXZyiVNAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6e60e79639749b8c-FRA
expires: Thu, 03 Mar 2022 10:08:22 GMT

GET
H2 200 zui.css
klx20.zhgm1jglhk.com/template/m1938pc/css/ Frame 013D 84 KB
16 KB 30ms
28ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-14f36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnQlzEvWBp3WMyb%2Bed7x8uYuuDnyxGr5zdf%2F7lytPn493EjarXQsD7RTA7G5AmO66QsDUFYi27%2FhC0bNZZvU0KiGYuLM1dyuj1%2F%2Ba6q7phxb6ALeqmHVZ7drSZXGftLi1mktV4B6dIQ%2FExVpsJsdIIRdUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6e60e79639769b8c-FRA
expires: Thu, 03 Mar 2022 10:51:20 GMT

GET
H2 200 xx1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 2 KB
1 KB 403ms
28ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987f2137f8b591976b62f9fa502891f8a39c3e356397e6daf648ec2ca07f3222

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:28 GMT
server: cloudflare
etag: W/"621f0c70-9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmP9XcuDE82OWjOoaWeQXwpxOSDNYhmkjJHKs1KLYhalV3xifaHWDq1MFYqkgmRhrAGvqYu282FXuFlc49HG6iaUmCmpESfiabe%2FSUfmcyDs%2F61MpGYodeFotmtr2q41ma4sX6Evnr3P%2FFAtcI%2FIWAY9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ec79c04-FRA
expires: Thu, 03 Mar 2022 11:22:40 GMT

GET
H2 200 dh1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 2 KB
1005 B 420ms
45ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1824978c1e05651e88e9d4ded7b204b6fef723b16a09ca46d49df0944e67f461

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27952
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Feb 2022 10:42:04 GMT
server: cloudflare
etag: W/"621ca6fc-67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKZpmXUu3AIcX4KYmu93Oi%2FX%2FPGY4erk2XDCDvJaR0bv0JpnxUcEvkL4yNDlN%2BtFA8QuFLibGVTTD3MsodJtrVovRFmWl%2FuorK1WW0l2respA8FmUynULHBMX%2FYqxaXrtB2LGsi2vfPyoLhVEFdhWKBg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e798af039c04-FRA
expires: Thu, 03 Mar 2022 12:26:08 GMT

GET
H2 200 dh.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 10 KB
1 KB 402ms
27ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1cb4b7a1265c00c0f30a10a2a13bda68f73b45b7a74bf057630048f7635419

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-2968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhhPkYEw1AWdRXq2uQ4U%2FfCS8V2qv5udVp7qPry5yaNksYiTpZLdFZWM8G4l4uNW2vgnVV06Khh2Trabmx0Y9oAEVNyccOBYV0i7jK2ypgIzFaExZ9tBEAQcZ48Ym%2BRP5midz8ox9jxeKIVMCYkmQF6m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988eca9c04-FRA
expires: Thu, 03 Mar 2022 11:45:15 GMT

GET
H2 200 xx2.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 3 KB
1 KB 420ms
46ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69fe2ac490282aba84cc32a1fc3b2a7fa8aa6279b47c01a786d577689356b26a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:50 GMT
server: cloudflare
etag: W/"621f0c86-c36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BUCkfeCjRiyEAL7mxqd6TNneZCy%2BCuStpbATIA5Cj8O5PKSFdhbAH40EaLO8JDPVzDI%2BiRIcIP0OUXZ%2FDHUZMF9EMf294n6yPwgl5qcYJwPKpyqmdSR9YwqcPIc8Rqi3lOrdxVsCMcpuT0FjCzAL9sH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e798af059c04-FRA
expires: Thu, 03 Mar 2022 11:45:15 GMT

GET
H2 200 250.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1015 B
662 B 403ms
28ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/250.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c230f6dda34920befd8af6152775b9399695744c3bb49940c3b26691578fcc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZetQy%2B7mLUM3Egj%2BZ8m%2FgF6yDN13r5j0Gi3env9HJIHXIQbJIwlf3AqT45lqZpjdrPkuGSolPj9PGyYarwcnp%2Fn%2BTylj316SpJzkEzWUqrBIPaIxK0gw%2BihCg5fk0leTPJVjes6q0MnQU99vDrXfdN0l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e7988ec99c04-FRA
expires: Thu, 03 Mar 2022 11:22:40 GMT

GET
H2 200 ea63a3847b4b7cff24da8b05aeb51b41.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 745ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ea63a3847b4b7cff24da8b05aeb51b41.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2818de9df2e84a4f89cd2a5e4a9b01f900a41abbe42f30ce795f8f512b0aec14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:48 GMT
server: nginx
etag: "621fc5e8-24c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9415
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1930e186e1fbee757fe8d73f901c7125.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 8 KB
8 KB 745ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/1930e186e1fbee757fe8d73f901c7125.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ec72edc31a8bc63696e1735bc67738452ec07e8b03e5e3c231914adfcf2d59b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-1fa5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8101
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 be471cee3e14f9776b7780b18b2604bf.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 745ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/be471cee3e14f9776b7780b18b2604bf.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77f94808c4a06864e707d1c5127b7e2a8fe32188835a3b4e69b791d54d87b25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-23bb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9147
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ee8bb3389f2c1dd2304cfec9fbeb2179.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
15 KB 745ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ee8bb3389f2c1dd2304cfec9fbeb2179.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a2bb285b36f13b7b8db05efb01aca92aaca6f421c41f79c5fda7aa79a42bf6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-3997"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14743
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b5cfc501f269a23b71ac228d1860be18.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
10 KB 745ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b5cfc501f269a23b71ac228d1860be18.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e4c7bb3eff1a893b389887fea57f643a0fe29324cd90d3cd28ef03c9e82b1858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-272d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10029
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 9f8ac5bce5d6b19051c8675f03b8db5b.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
11 KB 746ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/9f8ac5bce5d6b19051c8675f03b8db5b.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6bbc3999ad9e1210bd5df9fc4fa82a68a6d8943651a5359fb3374b4863351171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-29fd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10749
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ba3144412480259efb44f127121e3642.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 13 KB
13 KB 347ms
338ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ba3144412480259efb44f127121e3642.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4f5a4ccfc76ba88ee5137d66be94d473a9d1063a49b90b37aa01c8d1fb83eec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-3285"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12933
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 04cd61406226d7aa241625f919f0230f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 347ms
338ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/04cd61406226d7aa241625f919f0230f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

685f869567b7545ec731df077a42e0bda8fbb6191a8490052764160e7990d03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:45 GMT
server: nginx
etag: "621fc5e5-2e5b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11867
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4563dcfbcaef70d1d7e5330573a21c2d.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
10 KB 348ms
339ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4563dcfbcaef70d1d7e5330573a21c2d.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a2d53d3ef2f1635760e7446235542b945d8f0df2d95b3ab535129b0b32199deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-2655"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9813
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4a2f5b03c1ab697f5881022d96a7ab60.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 348ms
339ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4a2f5b03c1ab697f5881022d96a7ab60.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

14380270398b6ab5a64a3c2ca7e3bd85bceb8f34f61e92147c89e55972f6f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:43 GMT
server: nginx
etag: "621fc5e3-2f57"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12119
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 251.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1013 B
643 B 418ms
49ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/251.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d9c97e960ea624115f37b50d82d86a168a5a866702656fd70aac7955ace5e4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv9vbqo96wD1UAwN4ItaTG%2FFkG638hwi3MgmBNcBEx6RP4AlLAmvlCOS1nnjQbLxRtbDNJ3mXBA7gcAsKHZaR2rMmzA62%2FPtI98DtGk22M7d2swZKY3YWlxzXka359YYKs%2BpYBvbmh%2BWOLdc2YGlelED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e798af089c04-FRA
expires: Thu, 03 Mar 2022 11:45:18 GMT

GET
H2 200 018b747f2a4bd213177d1ad1c3425814.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 11 KB
11 KB 348ms
339ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/018b747f2a4bd213177d1ad1c3425814.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6bd538fb6e84fca951672a58265f9d0dfdd16f714b37ca516b8a365cf9421b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:17 GMT
server: nginx
etag: "621a5599-2cb0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11440
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 15465c391de8726ff720db7ef832e4ed.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 10 KB
10 KB 348ms
339ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/15465c391de8726ff720db7ef832e4ed.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

34828087dc10669f0fddd44df9e4b7eeacbc9d01c9e42955cae08ed3a238e79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:15 GMT
server: nginx
etag: "621a5597-264f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9807
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1c4f84ecaa4076e3a978f72ff7187ea8.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 10 KB
10 KB 348ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1c4f84ecaa4076e3a978f72ff7187ea8.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2c9a782076cff43d1f21b6793d40feee1292200b0e1b748abf86292e92604764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:13 GMT
server: nginx
etag: "621a5595-266a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9834
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 6328f4f1162faf2661a603cdb12d271c.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 8 KB
9 KB 348ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/6328f4f1162faf2661a603cdb12d271c.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e68fd3347698d703093244a4201c23c9314d4a4be7cdd1f00736115ca4c30b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:14 GMT
server: nginx
etag: "621a5596-2173"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8563
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1c95c20c3b94a60d0624d5b084535cac.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 11 KB
11 KB 349ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1c95c20c3b94a60d0624d5b084535cac.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4f57f813f72ae2287bef8bf7c9c334e8912eea509a73dce143d816994b2cb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:13 GMT
server: nginx
etag: "621a5595-2a8a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10890
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 1eda651724d4185f05b2d7cbf4626214.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 9 KB
9 KB 349ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/1eda651724d4185f05b2d7cbf4626214.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1a4d5f449b1c0a4ea0350b7fa99cb17121079bfa1714e805188b463484d2bc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:11 GMT
server: nginx
etag: "621a5593-2359"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9049
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 468be10368781a1556e26e1f74fd0c77.jpg
www.gg123456789gg.com/upload/vod/20220227-1/ Frame 013D 8 KB
9 KB 349ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220227-1/468be10368781a1556e26e1f74fd0c77.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

7743b20de9f21d13b507bc29ae259c25a0be059e77d796ba72e1b3a7e510a100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 16:30:08 GMT
server: nginx
etag: "621a5590-2167"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8551
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 6f21a1529ee178040fefd9efc08637cd.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 013D 5 KB
5 KB 349ms
340ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/6f21a1529ee178040fefd9efc08637cd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

162eb757b36e448c19ba5475bf1f616fe13b33b0db1f030b9c816182c0710ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:07 GMT
server: nginx
etag: "6219829f-14b6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5302
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 0743417c3d68d8e872198f2a9d1eca30.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 013D 10 KB
10 KB 349ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/0743417c3d68d8e872198f2a9d1eca30.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

80a8fa2d4d86821b69dbdea7808a928f21b74fbff18f9074fa788f828b2288a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:07 GMT
server: nginx
etag: "6219829f-260a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9738
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 374ab48726835d75a83e6d83766e1fca.jpg
www.gg123456789gg.com/upload/vod/20220226-1/ Frame 013D 10 KB
10 KB 349ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220226-1/374ab48726835d75a83e6d83766e1fca.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d5363b8fcdd964b113a00267225a5057093bf50624ef769fc30d4c3cbf6dd433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Sat, 26 Feb 2022 01:30:08 GMT
server: nginx
etag: "621982a0-2680"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9856
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 252.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1013 B
937 B 81ms
33ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/252.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497c49eb891c9b30be1f4268a1747032241ff5faa3bda79cf268e4f2f4046539

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9gViupWuzsk0OrpyrTChRU28rSXn5D1z0MOA%2B7Xfikl0AlVzYaBRPN%2FV4%2Bc7f%2FRcV6zwagDv1J5ItBCmv3yXsL7ePAfvDmnptCgxrXz3E96j26FpO6BjNHWFtEbyQV1x9CUvYPQJq0kECGO3nxJPxwt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908d9918c-FRA
expires: Thu, 03 Mar 2022 11:22:43 GMT

GET
H2 200 98a6ec61df8dca799e46489b342f206f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 8 KB
8 KB 349ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/98a6ec61df8dca799e46489b342f206f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

408cf82d77e42f25d4b635cc4cb4502f3de6699503f61df80346da479023a485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:58 GMT
server: nginx
etag: "621fc5f2-2125"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8485
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 338b1b88a83b69635b77319992538ebb.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
11 KB 350ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/338b1b88a83b69635b77319992538ebb.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b9c8d72d1f4e1d46ed86f48c19c43a7c56e9977fb495bb27eb0d77fc5869a72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-295c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10588
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4061b58417b84be1ea3b0b8612c2469a.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
11 KB 350ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4061b58417b84be1ea3b0b8612c2469a.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

07f837fc87342ae40c7d1c763f14cf91e041193daabfea0a241e2a74f0f39fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-2979"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10617
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 398e657c5f5e9ac53a6118e15ab36927.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
10 KB 350ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/398e657c5f5e9ac53a6118e15ab36927.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

002d24c6abf2015d2635bb9e51812ba5906284d568e3f15b741eeee49400dbb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-27aa"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10154
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 e3591549ae9dc6fbbb5457d874e57d31.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
10 KB 350ms
341ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/e3591549ae9dc6fbbb5457d874e57d31.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d484a55336729e37b21d8e083654895c7f457831117a9b69ffd780c0c033801d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:57 GMT
server: nginx
etag: "621fc5f1-2708"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9992
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 84066e265432a177401434c7d4d6c68d.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
13 KB 350ms
342ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/84066e265432a177401434c7d4d6c68d.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3689e99467f7bc5ca6378b99e4cf45893ad611d2ac5e2f763030d81b595e8b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:56 GMT
server: nginx
etag: "621fc5f0-3153"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12627
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 cdfca48d2130416c72a2b315fd928f52.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 7 KB
7 KB 350ms
342ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/cdfca48d2130416c72a2b315fd928f52.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b4276ffae8e95780a5d0d36a3096544b9b1ba58e448f71dcf8568f5e60270ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:56 GMT
server: nginx
etag: "621fc5f0-1d1c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7452
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 99e5ba3383288cd25db27102b28fee7a.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
15 KB 350ms
342ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/99e5ba3383288cd25db27102b28fee7a.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b93d6f671db8d0002d845adc37ccd7a3b46906ff323ae836c7308187d4bb0081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:54 GMT
server: nginx
etag: "621fc5ee-3978"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14712
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 d9ecf404da3f773eb31aca5bd29c0d45.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 11 KB
11 KB 351ms
342ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/d9ecf404da3f773eb31aca5bd29c0d45.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

48154269d74debd70b5ac1bd8e4cf2376b34eaaf46acecfc47382b53b81944bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:54 GMT
server: nginx
etag: "621fc5ee-2c6e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11374
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 d1e459866a2b3441b05afc22a12643e9.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 351ms
342ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/d1e459866a2b3441b05afc22a12643e9.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

358ac7b26cf694cc28386d67ee604bc6e6ad967ad6c9339c134881ed68dc194f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:53 GMT
server: nginx
etag: "621fc5ed-2391"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9105
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 253.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1013 B
974 B 78ms
30ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/253.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0708d845c6f401e7444edb72d135f1ed22c2ef23b3be2e732c3d49265da06adb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzDUbLWaKl58Vyb3rGx4mZFS2J8Y4GCJPUv%2BwJqEoPqOmcXMAf8oSRyQ3CYZy2ulaxihT7H2WgkWk%2BHn7BMrplDerowCBQSbCbDAtqOYJk4ukwX8N5S76FytCU%2BECDoCnxiFDuse3wX%2FOF2QkzYfflSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908dd918c-FRA
expires: Thu, 03 Mar 2022 11:22:43 GMT

GET
H2 200 a49f3101baaf4f1585af3f3ae5c78c61.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 8 KB
8 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/a49f3101baaf4f1585af3f3ae5c78c61.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

cf2e6bcbbb91f5d53e33e3232e7a7f623861b1af444463accc94a998711b68e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:27 GMT
server: nginx
etag: "621fc5d3-20ab"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8363
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 22911704abaf5fe3cff6b0bb5045edef.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/22911704abaf5fe3cff6b0bb5045edef.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5349915475432a1fb7e3654fe4204a34160c83464cba25232c1756eb803d310e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-23cd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9165
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 14fd3a162a777b33e7070731ef70342e.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 10 KB
11 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/14fd3a162a777b33e7070731ef70342e.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35c7159b5d4851e6d7228f5f813b2f7a393f22fc56d3ea6ac50147a988bf45ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2954"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10580
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 3baf93cf8e54472f7815d16a63cb2252.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/3baf93cf8e54472f7815d16a63cb2252.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

04ce452cceeb517dc943056bec210aa1b81385ded72221d0e378724de872f054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2461"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9313
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 f0b5b374432c5f1ed5854f0e2bd23936.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/f0b5b374432c5f1ed5854f0e2bd23936.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e72a4a39a2600ab1eab7c4a7ee519860b6d02d47d76b092809ab1f2260be570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:26 GMT
server: nginx
etag: "621fc5d2-2e7d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11901
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 da5a6a9a8945fe30666a1a9ab33268bd.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 11 KB
11 KB 351ms
343ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/da5a6a9a8945fe30666a1a9ab33268bd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ed4bd823d3b3819a9a510d8d36a059babf366aa3bc319bc822ecf1d152609cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:24 GMT
server: nginx
etag: "621fc5d0-2a95"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10901
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 635b7e84822d19563662360adf10f948.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 351ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/635b7e84822d19563662360adf10f948.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

16c979054735f846511546676d96e89ca253fd16b20119f020b8c2bb1c47d121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-24c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9409
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 081d44c9713519996d0f76606144f1a9.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
14 KB 351ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/081d44c9713519996d0f76606144f1a9.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

83d794d71bf8d7f055794090c65433f0fca50f4f50501f81c53397157deffbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-3743"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14147
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 f400baf048c1925fa03967db72b31b7f.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 15 KB
15 KB 351ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/f400baf048c1925fa03967db72b31b7f.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3eff7ed01c8983e93d1fa9130a30df54d27df1f61556fce934a1fa9926cc9122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:23 GMT
server: nginx
etag: "621fc5cf-3c81"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15489
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 14d61f92ef2fdce77fd46d1920a49f86.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 351ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/14d61f92ef2fdce77fd46d1920a49f86.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b7967b2d61846d83a5dc500c9eb7e904c94f0044e19888651396cd0f853bb466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:22 GMT
server: nginx
etag: "621fc5ce-223a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8762
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 254.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1014 B
935 B 77ms
29ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/254.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0471feaca519c1740ed8d5633e0414f94d1848afabf1aa0cdaa7ad3151ded26

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-3f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnUP2UrEvbnV3UB2ShgwRQUzksOk2D736To5Xpk80DKSu0OC1v7IoULyFiCWRKONl8gkvVNDBQIi%2BGsMgG8s1KFKucTwGgw0zxFzVLRwLat8P9X79DcCzA3XjSdjqWsSXtwIfp%2FOOVeNzQZP4BReldkQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908db918c-FRA
expires: Thu, 03 Mar 2022 11:45:16 GMT

GET
H2 200 4cfc2dfa122e8eca701b5c8c388ed1ac.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
15 KB 352ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4cfc2dfa122e8eca701b5c8c388ed1ac.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

141da6ff07f20ba1dae3b137ffa4e2240c92282425b42593d75ae887863c1a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:28 GMT
server: nginx
etag: "62206e94-39e3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14819
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 e14d9090823e92160bb9ff9eb02f2cb4.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 352ms
344ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/e14d9090823e92160bb9ff9eb02f2cb4.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8a57cb4e5eaf240ac84ebe10388f3a6e411b794f9f16beb91482a5d5507cced1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:15 GMT
server: nginx
etag: "62206e87-2e8b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11915
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 4ddcf4852c94300ba7d98fdbd6c56ecb.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 11 KB
11 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/4ddcf4852c94300ba7d98fdbd6c56ecb.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

38ddb9ef6824c9e44d10365eda55c758628e6784d894156c5cf92c9b8911fb4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:15 GMT
server: nginx
etag: "62206e87-2ca6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11430
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 fbda88cafff5bd9bbe6fd10442365dcd.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/fbda88cafff5bd9bbe6fd10442365dcd.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

9fdf0799d9951ff180d5cf6efa7531a8ad7964418ca6b629df7b2a219241708b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Thu, 03 Mar 2022 07:30:07 GMT
server: nginx
etag: "62206e7f-3069"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12393
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 22b61cfc771fa5f7958558f259591f78.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
14 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/22b61cfc771fa5f7958558f259591f78.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e4f33d56d98a54214716e3903e170ab014f1ef1302ae8ffa27b4f877d1c1b43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:47 GMT
server: nginx
etag: "621fc5e7-370d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14093
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 284e9bd54258b16ac20f901a02264740.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 11 KB
11 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/284e9bd54258b16ac20f901a02264740.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fe6442924d9052e9db966a454172290c50beb894c8a4e47db1bbf2ab9fcf2cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-2d0c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11532
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b06a4ab4982de161b435363857523ce1.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 14 KB
14 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b06a4ab4982de161b435363857523ce1.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a7140b4e4fa2574239ba8d00d9dae1931712e522f0932dd30fcf8b8e381df4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:46 GMT
server: nginx
etag: "621fc5e6-376d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14189
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 b1edb0f591a1b94f48093350280601c2.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 13 KB
13 KB 352ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/b1edb0f591a1b94f48093350280601c2.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1a6e208486b4667a6fdb058184c1bdf230e0042c7ce579d614a0dca8c0a46852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-32a7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12967
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 ff99468a31aba79ea425892bec0f5b71.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 12 KB
12 KB 353ms
345ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/ff99468a31aba79ea425892bec0f5b71.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

78aa39b3ce76afad2c528a380fbe6835f2f3075bdbb41faa31afdd0fa984ba0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:44 GMT
server: nginx
etag: "621fc5e4-2eed"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12013
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H2 200 a17202108f9980726a71e2556774bef6.jpg
www.gg123456789gg.com/upload/vod/20220303-1/ Frame 013D 9 KB
9 KB 353ms
346ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com/upload/vod/20220303-1/a17202108f9980726a71e2556774bef6.jpg

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c87baf1a5a8f73165ad1bf8f1396c8ab992e6091474efb11a2b664c5932d25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
last-modified: Wed, 02 Mar 2022 19:30:43 GMT
server: nginx
etag: "621fc5e3-234c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9036
expires: Sat, 02 Apr 2022 08:12:00 GMT

GET
H3 200 wz.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 424 B
853 B 101ms
52ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/wz.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd3cb172962051a67ac8b86973659cf2bbfa0ff970b0767fa6eb073464f3e08f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-1a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcd8ibqaDTopNusbZpQdT07NlNSes17AjcaXWgfzVpLBAMXmcik0YOHUQg1NtaMiO6DvxvvSE2VTny4Fasc2Erh4rcL8zNTMWRnZE%2F4kmPxLmMfxfVCG3WbKTHZM7Z%2FORp88Wdwgj%2BQVE2AkK%2Bvngek6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908eb918c-FRA
expires: Thu, 03 Mar 2022 11:45:16 GMT

GET
H3 200 wz1.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 441 B
872 B 82ms
33ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/wz1.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16061291fde455f895453dfe0d93bd614bec4bd56f9612757e15b60f737d7795

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 07:25:47 GMT
server: cloudflare
etag: W/"621f1bfb-1b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w00QfHIakrmcGlc%2B3SkVrQrGE0vex8nv%2F1yBcXOuqhmE7jozQfAV65IcJmt0bYeaxKTL6t2jLepYotfa0YJ%2FU%2Blza8Vepvg8pVGOFa9r2dreMBZJLY51HPaoHIgFaZqD0jm763ofMPDcLFpL9ROf7g%2BH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908e8918c-FRA
expires: Thu, 03 Mar 2022 11:22:46 GMT

GET
H3 200 xx3.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 2 KB
1 KB 100ms
52ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d47150bf44841c5cf6cdd90fc794f393cb0dfc8060f727c217d1913b8ca2cb7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Mar 2022 06:19:55 GMT
server: cloudflare
etag: W/"621f0c8b-7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97wDR39lUazGDF4qls%2FJmW2r1Pc%2FNKLraBCXYCR3fhe45dwjzZx%2Fa%2B5UgKnenzT4ubrpiJQREccUVhvvCkSYGtWqzlH7mUaYaGBkPDj42S8NqF7PE7p%2FsOzdqv75l1SmdEWaSVDjkLPqvHCjxTUmFvoc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908ea918c-FRA
expires: Thu, 03 Mar 2022 11:22:45 GMT

GET
H3 200 foot.js Show response
tb.learning8808.com/oitWTexq8uRCztWB/ Frame 013D 1 KB
1 KB 83ms
34ms Script
application/javascript 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.learning8808.com/oitWTexq8uRCztWB/foot.js
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b69a21942a9270c3bb3db017821ef68fc752655d4f25656be3752ffd7fb733

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Dec 2021 06:07:37 GMT
server: cloudflare
etag: W/"61c01da9-44d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heoYvToRp%2FOcaX%2FAMVpQQFcTEY49iurHFaHFvTiwVcJhETPjmDvw%2Fs7xVMZ6KhvkxHi9TP8cENPEByUA1G2CYPYw4W3P7OhlFN4ZU%2BDHiPCVDjrbMkLIzPphUrg8nbkHdyn0VKyYHgkto%2Ftdik%2F91ApQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6e60e79908ec918c-FRA
expires: Thu, 03 Mar 2022 11:22:45 GMT

GET
H2 200 f23f9b3e3a5c4008b73729625309b5f0.gif
ue3jfw.com/ Frame 013D 427 KB
428 KB 3033ms
478ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f23f9b3e3a5c4008b73729625309b5f0.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:17:18 GMT
last-modified: Tue, 01 Mar 2022 15:03:55 GMT
server: nginx
etag: "621e35db-6ad3a"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 437562

GET
H2 200 f6179578298c42baab12a22137bd98de.gif
ue3jfw.com/ Frame 013D 184 KB
184 KB 3465ms
911ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f6179578298c42baab12a22137bd98de.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 16:47:29 GMT
last-modified: Fri, 11 Feb 2022 09:17:50 GMT
server: nginx
etag: "620629be-2dff7"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 188407

GET
H2 200 c716155e9e864109bf820c7907e44f49.gif
tujzac.com/ Frame 013D 185 KB
186 KB 1762ms
230ms Image
image/gif 45.61.212.143
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tujzac.com/c716155e9e864109bf820c7907e44f49.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.143 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e46c25165aeec9a5ab63d5e33e81cb44052236ecc2ba07824ef92134436e2e9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:36:47 GMT
last-modified: Wed, 02 Mar 2022 06:17:21 GMT
server: nginx
etag: "621f0bf1-2e5a2"
x-cache: HIT from cloud-us4-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 189858

GET
H/1.1 200
OK 68e25c71a39e46a78d118ec9530a856f.gif
8889357.com/ Frame 013D 631 KB
631 KB 3380ms
177ms Image
image/gif 103.170.15.113
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8889357.com/68e25c71a39e46a78d118ec9530a856f.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.113 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 01:55:50 GMT
Last-Modified: Wed, 19 Jan 2022 14:50:46 GMT
Server: nginx
ETag: "61e82546-9dabe"
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H/1.1 200
OK 22a800588787415bb5d01f987066708e.gif
zndymj.com/ Frame 013D 711 KB
711 KB 2780ms
157ms Image
image/gif 45.61.212.60
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zndymj.com/22a800588787415bb5d01f987066708e.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.60 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:37 GMT
Last-Modified: Thu, 13 Jan 2022 07:20:59 GMT
Server: nginx
ETag: "61dfd2db-b1b98"
X-Cache: HIT from cloud-us1-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 727960

GET
H/1.1 200
OK faa96a1fedf045bb9145bfdc77510e92.gif
zigqnx.com/ Frame 013D 260 KB
260 KB 1498ms
160ms Image
image/gif 45.61.212.188
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zigqnx.com/faa96a1fedf045bb9145bfdc77510e92.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.188 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3be0b946f8491fbcdfa12502d0ef89cc171ee857ff2cd8adc28460d42abd3a1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 06:48:04 GMT
Last-Modified: Fri, 25 Feb 2022 09:08:37 GMT
Server: nginx
ETag: "62189c95-40f24"
X-Cache: HIT from cloud-us5-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 266020

GET
H2 200 f23f9b3e3a5c4008b73729625309b5f0.gif
ue3jfw.com/ Frame 8D8F 427 KB
428 KB 2933ms
396ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f23f9b3e3a5c4008b73729625309b5f0.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:17:18 GMT
last-modified: Tue, 01 Mar 2022 15:03:55 GMT
server: nginx
etag: "621e35db-6ad3a"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 437562

GET
H2 200 f6179578298c42baab12a22137bd98de.gif
ue3jfw.com/ Frame 8D8F 184 KB
184 KB 3429ms
892ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f6179578298c42baab12a22137bd98de.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 16:47:29 GMT
last-modified: Fri, 11 Feb 2022 09:17:50 GMT
server: nginx
etag: "620629be-2dff7"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 188407

GET
H2 200 c716155e9e864109bf820c7907e44f49.gif
tujzac.com/ Frame 8D8F 185 KB
186 KB 1676ms
162ms Image
image/gif 45.61.212.143
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tujzac.com/c716155e9e864109bf820c7907e44f49.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.143 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e46c25165aeec9a5ab63d5e33e81cb44052236ecc2ba07824ef92134436e2e9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:36:47 GMT
last-modified: Wed, 02 Mar 2022 06:17:21 GMT
server: nginx
etag: "621f0bf1-2e5a2"
x-cache: HIT from cloud-us4-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 189858

GET
H/1.1 200
OK 68e25c71a39e46a78d118ec9530a856f.gif
8889357.com/ Frame 8D8F 631 KB
631 KB 3371ms
177ms Image
image/gif 103.170.15.113
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8889357.com/68e25c71a39e46a78d118ec9530a856f.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.113 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 01:55:50 GMT
Last-Modified: Wed, 19 Jan 2022 14:50:46 GMT
Server: nginx
ETag: "61e82546-9dabe"
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H/1.1 200
OK 22a800588787415bb5d01f987066708e.gif
zndymj.com/ Frame 8D8F 711 KB
711 KB 2781ms
159ms Image
image/gif 45.61.212.60
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zndymj.com/22a800588787415bb5d01f987066708e.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.60 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:37 GMT
Last-Modified: Thu, 13 Jan 2022 07:20:59 GMT
Server: nginx
ETag: "61dfd2db-b1b98"
X-Cache: HIT from cloud-us1-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 727960

GET
H/1.1 200
OK faa96a1fedf045bb9145bfdc77510e92.gif
zigqnx.com/ Frame 8D8F 260 KB
260 KB 1493ms
159ms Image
image/gif 45.61.212.188
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zigqnx.com/faa96a1fedf045bb9145bfdc77510e92.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.188 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3be0b946f8491fbcdfa12502d0ef89cc171ee857ff2cd8adc28460d42abd3a1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 06:48:04 GMT
Last-Modified: Fri, 25 Feb 2022 09:08:37 GMT
Server: nginx
ETag: "62189c95-40f24"
X-Cache: HIT from cloud-us5-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 266020

GET
H/1.1 200
OK topp.php Show response
yd.yuanqitu.com/DNEW/ Frame 013D 13 KB
6 KB 1815ms
491ms Script
text/html 121.14.45.19
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.yuanqitu.com/DNEW/topp.php?uid=14862
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.19 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 78da7b0736af56185c39d94b3976d2560bf14cf66f68e0655b3e59a799b84043

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:02 GMT
Content-Encoding: gzip
Age: 56
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: 7402f2c182a5c1b7f23b6480e5d92d55
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca11
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 238

GET
H2 200 wap_1105_968_3DhmoZWZW8 Show response
data.wssh188.com/ Frame 013D 10 KB
5 KB 1106ms
579ms Script
application/javascript 154.23.245.118
KURUN-AS-

General

Check archive.org

Show headers Download Go to

Full URL

https://data.wssh188.com:4016/wap_1105_968_3DhmoZWZW8

Requested by

Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.245.118 , United States, ASN395886 (KURUN-AS-, US),

Reverse DNS

Software

nginx /

Resource Hash

0635bbc7f2a7320250f6a93679beafd25bd2a4a91c821d6b03490700ae609abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000, no-cache

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:11:42 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 08:54:00 GMT
server: nginx
etag: W/"621f30a8-274a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000, max-age=31536000, no-cache
expires: Thu, 03 Mar 2022 11:20:37 GMT

GET
H/1.1 200
OK topp.php Show response
yd.yuanqitu.com/DNEW/ Frame 8D8F 13 KB
6 KB 1866ms
543ms Script
text/html 121.14.45.19
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.yuanqitu.com/DNEW/topp.php?uid=14862
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.19 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 78da7b0736af56185c39d94b3976d2560bf14cf66f68e0655b3e59a799b84043

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:02 GMT
Content-Encoding: gzip
Age: 20
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: 21921e4227ef53a8a61bab0ccd137981
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca11
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 238

GET
H/1.1 200
OK 92eb5ffee6.php Show response
g.ns-zhy.com/ Frame 8D8F 6 B
791 B 2233ms
288ms Script
text/html 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ns-zhy.com/92eb5ffee6.php?a=11
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/dh1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / PHP/5.6.40
Resource Hash: ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:02 GMT
Content-Encoding: gzip
Age: 0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Request-Id: 7ccb7b5c31116e0c934b17c8ef59eb0c
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca06
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Via: 1.1 google, [44,zone-sc-chengdu1-cache-02.in.ctcdn.cn], [83,edge-gd-guangzhou13-cache-09.in.ctcdn.cn]
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: MISS
ctyun-origin: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 408ms
407ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1675697401&si=b612079d928e97fce7171ee79868a9fe&v=1.2.90&lv=1&sn=55921&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.patpaynter.com%2F&tt=%E6%B1%9F%E8%8B%8F%E7%AC%86%E6%8B%8D%E9%A3%9F%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.patpaynter.com
URL: http://www.patpaynter.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://www.patpaynter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Mar 2022 08:12:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK comd.php Show response
yd.gxdianhua.com/DNEW/ Frame 013D 2 KB
2 KB 2285ms
1282ms Fetch
text/html 121.14.45.22
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.gxdianhua.com/DNEW/comd.php?uid=14862&yd=1
Requested by: Host: yd.yuanqitu.com
URL: https://yd.yuanqitu.com/DNEW/topp.php?uid=14862
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.22 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: f61dbc7757858c86113ab3a7dc632936b7a758e4994847389d40350743db6880

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:05 GMT
Content-Encoding: gzip
Age: 36
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: 3589d67ae4d0e57abf5fda49ffc34ee8
Ctl-Cache-Status: MISS from sc-chengdu1-ca04, MISS from gd-guangzhou13-ca09
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: https://klx20.zhgm1jglhk.com
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 241

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 013D 37 KB
14 KB 412ms
411ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?eb206e3ad56d4bf4d0e40ef9961b5754

Requested by

Host: www.patpaynter.com
URL: http://www.patpaynter.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

be80084ead2c4594da3857bca999a8a7e5f92842814840532b008231b2c76e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:03 GMT
Content-Encoding: gzip
Server: apache
Etag: 860da2e27b5c5acd7a801e036bb6f7ef
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 13739

GET
H2 200 f23f9b3e3a5c4008b73729625309b5f0.gif
ue3jfw.com/ Frame 013D 427 KB
428 KB 706ms
239ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f23f9b3e3a5c4008b73729625309b5f0.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:17:18 GMT
last-modified: Tue, 01 Mar 2022 15:03:55 GMT
server: nginx
etag: "621e35db-6ad3a"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 437562

GET
H2 200 f6179578298c42baab12a22137bd98de.gif
ue3jfw.com/ Frame 013D 184 KB
184 KB 1159ms
693ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f6179578298c42baab12a22137bd98de.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 16:47:29 GMT
last-modified: Fri, 11 Feb 2022 09:17:50 GMT
server: nginx
etag: "620629be-2dff7"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 188407

GET
H2 200 c716155e9e864109bf820c7907e44f49.gif
tujzac.com/ Frame 013D 185 KB
186 KB 354ms
354ms Image
image/gif 45.61.212.143
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tujzac.com/c716155e9e864109bf820c7907e44f49.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.143 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e46c25165aeec9a5ab63d5e33e81cb44052236ecc2ba07824ef92134436e2e9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:36:47 GMT
last-modified: Wed, 02 Mar 2022 06:17:21 GMT
server: nginx
etag: "621f0bf1-2e5a2"
x-cache: HIT from cloud-us4-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 189858

GET
H/1.1 200
OK 68e25c71a39e46a78d118ec9530a856f.gif
8889357.com/ Frame 013D 631 KB
631 KB 1300ms
174ms Image
image/gif 103.170.15.113
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8889357.com/68e25c71a39e46a78d118ec9530a856f.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.113 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 01:55:50 GMT
Last-Modified: Wed, 19 Jan 2022 14:50:46 GMT
Server: nginx
ETag: "61e82546-9dabe"
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H/1.1 200
OK 22a800588787415bb5d01f987066708e.gif
zndymj.com/ Frame 013D 711 KB
711 KB 734ms
165ms Image
image/gif 45.61.212.60
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zndymj.com/22a800588787415bb5d01f987066708e.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.60 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:37 GMT
Last-Modified: Thu, 13 Jan 2022 07:20:59 GMT
Server: nginx
ETag: "61dfd2db-b1b98"
X-Cache: HIT from cloud-us1-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 727960

GET
H/1.1 200
OK faa96a1fedf045bb9145bfdc77510e92.gif
zigqnx.com/ Frame 013D 260 KB
260 KB 158ms
158ms Image
image/gif 45.61.212.188
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zigqnx.com/faa96a1fedf045bb9145bfdc77510e92.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.188 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3be0b946f8491fbcdfa12502d0ef89cc171ee857ff2cd8adc28460d42abd3a1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 06:48:04 GMT
Last-Modified: Fri, 25 Feb 2022 09:08:37 GMT
Server: nginx
ETag: "62189c95-40f24"
X-Cache: HIT from cloud-us5-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 266020

GET
H/1.1 200
OK e22428ccf9.php Show response
g.ns-zhy.com/ Frame 013D 6 B
795 B 484ms
317ms Script
text/html 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ns-zhy.com/e22428ccf9.php?a=11&pt=25
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / PHP/5.6.40
Resource Hash: ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:03 GMT
Content-Encoding: gzip
Age: 0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Request-Id: ad84cb4d46bb6823748f9bc3ebe24748
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca08
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Via: 1.1 google, [46,zone-sc-chengdu1-cache-01.in.ctcdn.cn], [113,edge-gd-guangzhou13-cache-09.in.ctcdn.cn]
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: EXPIRED
ctyun-origin: 44

GET
H/1.1 200
OK xtb.php Show response
yd.yuanqitu.com/DNEW/ Frame 013D 14 KB
6 KB 510ms
510ms Script
text/html 121.14.45.19
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.yuanqitu.com/DNEW/xtb.php?uid=14862&m=60
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.19 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 40eed4be7ec313b38f3213519cdf1e9b0730a025872278bc14e613fdbafd2caf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:03 GMT
Content-Encoding: gzip
Age: 36
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: df9a8502d544cf65ca21a76d23606bc5
Ctl-Cache-Status: MISS from sc-chengdu1-ca01, MISS from gd-guangzhou13-ca09
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 238

GET
H/1.1 200
OK comd.php Show response
yd.gxdianhua.com/DNEW/ Frame 8D8F 2 KB
2 KB 2223ms
1257ms Fetch
text/html 121.14.45.22
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.gxdianhua.com/DNEW/comd.php?uid=14862&yd=1
Requested by: Host: yd.yuanqitu.com
URL: https://yd.yuanqitu.com/DNEW/topp.php?uid=14862
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.22 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 58a610a1562fffa877359fb5328ae19b99b15b15dd2023e11cb6685b22c56c97

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:05 GMT
Content-Encoding: gzip
Age: 21
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: 8e4c7c22fe4d2c0e9b909e38bf0a6cc4
Ctl-Cache-Status: MISS from sc-chengdu1-ca04, MISS from gd-guangzhou13-ca09
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: https://klx20.zhgm1jglhk.com
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 246

GET
H2 200 f23f9b3e3a5c4008b73729625309b5f0.gif
ue3jfw.com/ Frame 8D8F 427 KB
428 KB 465ms
169ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f23f9b3e3a5c4008b73729625309b5f0.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:17:18 GMT
last-modified: Tue, 01 Mar 2022 15:03:55 GMT
server: nginx
etag: "621e35db-6ad3a"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 437562

GET
H2 200 f6179578298c42baab12a22137bd98de.gif
ue3jfw.com/ Frame 8D8F 184 KB
184 KB 1014ms
718ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f6179578298c42baab12a22137bd98de.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 16:47:29 GMT
last-modified: Fri, 11 Feb 2022 09:17:50 GMT
server: nginx
etag: "620629be-2dff7"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 188407

GET
H2 200 c716155e9e864109bf820c7907e44f49.gif
tujzac.com/ Frame 8D8F 185 KB
186 KB 275ms
274ms Image
image/gif 45.61.212.143
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tujzac.com/c716155e9e864109bf820c7907e44f49.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.143 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e46c25165aeec9a5ab63d5e33e81cb44052236ecc2ba07824ef92134436e2e9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:36:47 GMT
last-modified: Wed, 02 Mar 2022 06:17:21 GMT
server: nginx
etag: "621f0bf1-2e5a2"
x-cache: HIT from cloud-us4-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 189858

GET
H/1.1 200
OK 68e25c71a39e46a78d118ec9530a856f.gif
8889357.com/ Frame 8D8F 631 KB
631 KB 1132ms
174ms Image
image/gif 103.170.15.113
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8889357.com/68e25c71a39e46a78d118ec9530a856f.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.113 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 01:55:50 GMT
Last-Modified: Wed, 19 Jan 2022 14:50:46 GMT
Server: nginx
ETag: "61e82546-9dabe"
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H/1.1 200
OK 22a800588787415bb5d01f987066708e.gif
zndymj.com/ Frame 8D8F 711 KB
711 KB 625ms
156ms Image
image/gif 45.61.212.60
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zndymj.com/22a800588787415bb5d01f987066708e.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.60 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:37 GMT
Last-Modified: Thu, 13 Jan 2022 07:20:59 GMT
Server: nginx
ETag: "61dfd2db-b1b98"
X-Cache: HIT from cloud-us1-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 727960

GET
H/1.1 200
OK faa96a1fedf045bb9145bfdc77510e92.gif
zigqnx.com/ Frame 8D8F 260 KB
260 KB 159ms
158ms Image
image/gif 45.61.212.188
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zigqnx.com/faa96a1fedf045bb9145bfdc77510e92.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.188 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3be0b946f8491fbcdfa12502d0ef89cc171ee857ff2cd8adc28460d42abd3a1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 06:48:04 GMT
Last-Modified: Fri, 25 Feb 2022 09:08:37 GMT
Server: nginx
ETag: "62189c95-40f24"
X-Cache: HIT from cloud-us5-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 266020

GET
H/1.1 200
OK e22428ccf9.php Show response
g.ns-zhy.com/ Frame 8D8F 6 B
795 B 593ms
333ms Script
text/html 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ns-zhy.com/e22428ccf9.php?a=11&pt=25
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / PHP/5.6.40
Resource Hash: ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:03 GMT
Content-Encoding: gzip
Age: 0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Request-Id: 189a3b629f12626ca459fb0e021dc1b1
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca08
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Via: 1.1 google, [73,zone-sc-chengdu1-cache-04.in.ctcdn.cn], [110,edge-gd-guangzhou13-cache-08.in.ctcdn.cn]
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: EXPIRED
ctyun-origin: 72

GET
H/1.1 200
OK xtb.php Show response
yd.yuanqitu.com/DNEW/ Frame 8D8F 14 KB
6 KB 509ms
508ms Script
text/html 121.14.45.19
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.yuanqitu.com/DNEW/xtb.php?uid=14862&m=60
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.19 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 40eed4be7ec313b38f3213519cdf1e9b0730a025872278bc14e613fdbafd2caf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:03 GMT
Content-Encoding: gzip
Age: 34
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: 30218e11271dc797ae69105d9fd28da5
Ctl-Cache-Status: MISS from sc-chengdu1-ca01, MISS from gd-guangzhou13-ca09
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 230

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 013D 43 B
299 B 413ms
413ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2041251117&si=eb206e3ad56d4bf4d0e40ef9961b5754&su=http%3A%2F%2Fwww.patpaynter.com%2F&v=1.2.90&lv=1&sn=55924&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fklx20.zhgm1jglhk.com%2F&tt=tianbiav.com%20-%20%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

Requested by

Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Mar 2022 08:12:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK comt.php Show response
yd.gxdianhua.com/DNEW/ Frame 013D 2 KB
2 KB 5002ms
5001ms Fetch
text/html 121.14.45.22
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.gxdianhua.com/DNEW/comt.php?uid=14862&yd=1
Requested by: Host: yd.yuanqitu.com
URL: https://yd.yuanqitu.com/DNEW/xtb.php?uid=14862&m=60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.22 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: c08e3845d44b02ea168865b9f08f67304ad0170418289b6867c832b4553556d2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:08 GMT
Content-Encoding: gzip
Age: 23
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: b3e22bd445e30d15f94354fbe8d8f3f0
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca06
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: https://klx20.zhgm1jglhk.com
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 246

GET
H2 200 xt12.gif
tnlapp.com/static/images/ Frame 013D 732 KB
734 KB 91ms
30ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt12.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFc3RcHlZ0cCyG7Gfc%2Flc8AeAeD8Pi4Mo6xJdIK%2BHqqHgK2Gmgzhisnjn8L59kNIogWexdJu06BQyLW68sBSQNB5V5A%2FWP%2BvkqgIuTvylwTdVRH0%2BndxTUJhdmKeEQbgb7ZrLiuOlKHk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7adab8f925b-FRA
expires: Sat, 26 Mar 2022 12:17:16 GMT

GET
H2 200 xt10.gif
tnlapp.com/static/images/ Frame 013D 609 KB
610 KB 114ms
54ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt10.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Mon, 07 Jun 2021 05:47:53 GMT
server: cloudflare
etag: "60bdb309-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGEwqDDE2SswidU7cA4yJ%2FKiIXD6zIjN09qBTHsAxFs2cLoNY1xx0HXTWuxkisEOgH1203qhf9RZDFXXgzh1U0BqtyyHxA3GA8Lg3%2BqUCgUbEOItxlDgUUXfrWuTuj6sT6c2bkXllzlb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7adab92925b-FRA
expires: Sat, 26 Mar 2022 12:17:16 GMT

GET
H2 200 xt1.gif
tnlapp.com/static/images/ Frame 013D 433 KB
434 KB 112ms
53ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt1.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Mon, 07 Jun 2021 05:47:45 GMT
server: cloudflare
etag: "60bdb301-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILtGCWKjLHOkmtDfwMy9b%2BmaUUdXk1egRpxyOb4m37fRN5A1%2FeISQqCXU1BsHIILpirFe8E%2BTuxm%2FzKvEEdDLdrNO3jmKM00%2BibPLsK9zGvpu%2Bw%2BOKa2dbTGJo81HQma3i18QFSQxJJ8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7adab95925b-FRA
expires: Sat, 26 Mar 2022 12:17:16 GMT

GET
H2 200 xt2.gif
tnlapp.com/static/images/ Frame 013D 368 KB
369 KB 112ms
54ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt2.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Mon, 07 Jun 2021 05:47:45 GMT
server: cloudflare
etag: "60bdb301-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOrqSYNulc92zeYllGJ50jF8APDTfziJhtfDvdDP9pWUu1%2Fn62%2F3T%2FULRF09R3owwdMsTZBE06wovFpgiTqnyt%2FLW4sgpA%2BzJd4BhfAi9Qu3vhkVqT6ITf1GyzkxzFDBFtlvIZGIUGBh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7adab96925b-FRA
expires: Sat, 26 Mar 2022 12:17:22 GMT

GET
H2 200 xt3.gif
tnlapp.com/static/images/ Frame 013D 189 KB
189 KB 111ms
53ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt3.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Mon, 07 Jun 2021 05:47:46 GMT
server: cloudflare
etag: "60bdb302-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zojNnZnHn0rEcyVLA0X5jfNLSaJFwp1bzNWF2iKJxcbOSBLP0KfsT5syAaDjTD2Yzmuz2KC7NQKvV9kFRImOXmRqrwR3%2FGKU1T7lIpCn%2B9Mfdoi7udpnF7SLxH%2BO0fg7Z6sdldc2ujEX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7adab97925b-FRA
expires: Sat, 26 Mar 2022 12:17:16 GMT

GET
H3 200 xt4.gif
tnlapp.com/static/images/ Frame 013D 599 KB
600 KB 73ms
41ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt4.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2552d39b1e507bef8ff2d461a9798bc420e0e157eb57cec603ade1285ff0e65

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 613488
last-modified: Mon, 07 Jun 2021 05:47:47 GMT
server: cloudflare
etag: "60bdb303-95c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69BFaossvjUxSFsiISDEWHG6u6QnHgZPv0JlQtlE5u1wfV9JiW1xbFFsJB8SfVf3eR3CbrQOzyl%2Bstb2xo4CjHMj%2FFLrt0xzvyFvTvmr32x55yp9u5xBOUGPEpQcuI5AV40sJZTpMyD%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7aecbe2900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt6.gif
tnlapp.com/static/images/ Frame 013D 2 MB
2 MB 124ms
93ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt6.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Mon, 07 Jun 2021 05:47:50 GMT
server: cloudflare
etag: "60bdb306-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7ocafP8krh0985Rw%2F8m33ml1MmXuxzVh9woWM6d%2B8%2Bcy7IzNLdL%2BuwJb6QV6Ylv4SBm90FArT5q%2Bcvka3bAuWABWtnWh5LI0vBZUIgLTA0laoHQEuM9BuM%2B9G%2FL%2FFVf4qvRrQAf3ZcJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7aecbe0900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt7.gif
tnlapp.com/static/images/ Frame 013D 263 KB
263 KB 361ms
329ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt7.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Mon, 07 Jun 2021 05:47:50 GMT
server: cloudflare
etag: "60bdb306-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0Drf7G7naJ0za5ABt1ZUAUmDw2i9Xktkt62pVi5ZtkaiYc2GpVLLyhzurFB3Eip%2BuDgJsxsVNwRIE%2FiqqVx9tmMV9LgrzQYokxsa3y7m%2BpRKBMBHgRSg2wp2YLQ0U2s7ET3Y1%2FuB74Q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7aecbe3900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt11.gif
tnlapp.com/static/images/ Frame 013D 2 MB
2 MB 61ms
29ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt11.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38995
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAK7FDPkgij%2B9pIwevgTvnW8j5woMTJbaGpl8f43aDl8DzO2A0VuuiLlZ%2BvhODOePipO0DwjWdNhhde3ZGb%2BaDZ85d2CuAnXKx9anPdSVL8mytoDbS3h0XcFxWeCYZ5Ko%2FZSA1I7B3Pg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7aecbde900c-FRA
expires: Fri, 01 Apr 2022 21:22:09 GMT

GET
H3 200 xt9.gif
tnlapp.com/static/images/ Frame 013D 322 KB
322 KB 149ms
118ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt9.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Mon, 07 Jun 2021 05:47:52 GMT
server: cloudflare
etag: "60bdb308-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT5RnUYyqbqq1ASAAb9GEmwRRDlKmixg84B2SQwkvGIkSOwbCm0yaGEj%2Fc5YyZYT%2FewpM1CLxRJ6PoBQ3r9MVtzpfnof%2Fk8ZDgW6DMDJhCfk8ngd4eGWqesEoByFndxnrs6DoXzTOD39"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7aecbdf900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H2 200 f23f9b3e3a5c4008b73729625309b5f0.gif
ue3jfw.com/ Frame 013D 427 KB
428 KB 624ms
624ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f23f9b3e3a5c4008b73729625309b5f0.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 06:17:18 GMT
last-modified: Tue, 01 Mar 2022 15:03:55 GMT
server: nginx
etag: "621e35db-6ad3a"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 437562

GET
H2 200 f6179578298c42baab12a22137bd98de.gif
ue3jfw.com/ Frame 013D 184 KB
184 KB 657ms
657ms Image
image/gif 103.170.15.53
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue3jfw.com/f6179578298c42baab12a22137bd98de.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.53 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 16:47:29 GMT
last-modified: Fri, 11 Feb 2022 09:17:50 GMT
server: nginx
etag: "620629be-2dff7"
x-cache: HIT from yd11_02-cdn-g01-la2-43
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 188407

GET
H/1.1 200
OK 68e25c71a39e46a78d118ec9530a856f.gif
8889357.com/ Frame 013D 631 KB
631 KB 182ms
181ms Image
image/gif 103.170.15.113
NETPLUS-AS Hongko...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8889357.com/68e25c71a39e46a78d118ec9530a856f.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.113 , Taiwan, ASN7483 (NETPLUS-AS Hongkong Telecom Ltd., Taiwan Branch Office, TW),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 01:55:50 GMT
Last-Modified: Wed, 19 Jan 2022 14:50:46 GMT
Server: nginx
ETag: "61e82546-9dabe"
X-Cache: HIT from yd11_13-cdn-g01-la2-43
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H/1.1 200
OK 22a800588787415bb5d01f987066708e.gif
zndymj.com/ Frame 013D 711 KB
711 KB 169ms
168ms Image
image/gif 45.61.212.60
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zndymj.com/22a800588787415bb5d01f987066708e.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.60 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 14:05:37 GMT
Last-Modified: Thu, 13 Jan 2022 07:20:59 GMT
Server: nginx
ETag: "61dfd2db-b1b98"
X-Cache: HIT from cloud-us1-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 727960

GET
H/1.1 200
OK 54a2bf8c09.php Show response
g.ns-zhy.com/ Frame 013D 6 B
795 B 317ms
317ms Script
text/html 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ns-zhy.com/54a2bf8c09.php?a=11
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / PHP/5.6.40
Resource Hash: ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:04 GMT
Content-Encoding: gzip
Age: 0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Request-Id: 76a0f09733bb4d1937fa8d370a2f56f2
Ctl-Cache-Status: MISS from sc-chengdu1-ca04, MISS from gd-guangzhou13-ca08
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Via: 1.1 google, [45,zone-sc-chengdu1-cache-04.in.ctcdn.cn], [103,edge-gd-guangzhou13-cache-08.in.ctcdn.cn]
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: EXPIRED
ctyun-origin: 43

GET
H2 200 z_stat.php Show response
s4.cnzz.com/ Frame 013D 11 KB
4 KB 253ms
252ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.cnzz.com/z_stat.php?id=1279786795
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: 97ea0dc683e5443b9dd8bfcd447c48e53da61b3ce0f9ca1a7eaf68f8a52f13ed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 05:47:57 GMT
content-encoding: gzip
age: 8647
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:10:1086524572
x-swift-cachetime: 10800
x-swift-savetime: Thu, 03 Mar 2022 05:47:57 GMT
content-length: 4051
last-modified: Thu, 03 Mar 2022 05:47:57 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646286477
content-type: application/javascript
via: cache15.l2cn2656[33,33,200-0,M], cache42.l2cn2656[34,0], cache6.cn2570[0,0,200-0,H], cache34.cn2570[0,0]
cache-control: max-age=5400,s-maxage=10800
timing-allow-origin: *
eagleid: dde7533616462951244753024e

GET
H2 200 core.php Show response
c.cnzz.com/ Frame 013D 969 B
910 B 265ms
246ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/core.php?web_id=1279786795&t=z
Requested by: Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1279786795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: d48580212cfb631150bdea62cd14d6faff48bb6f7eeb59fb6b924b4c1f913e7f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 07:59:34 GMT
content-encoding: gzip
age: 750
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime: 900
x-swift-savetime: Thu, 03 Mar 2022 07:59:34 GMT
content-length: 620
last-modified: Thu, 03 Mar 2022 07:59:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646294374
content-type: application/javascript
via: cache22.l2cn2656[39,38,200-0,M], cache40.l2cn2656[39,0], cache34.cn2570[0,0,200-0,H], cache34.cn2570[0,0]
timing-allow-origin: *
eagleid: dde7533616462951247574429e
expires: Thu, 03 Mar 2022 08:14:34 GMT

GET
H2 200 stat.htm
z3.cnzz.com/ Frame 013D 2 B
123 B 894ms
249ms Image
text/html 2408:4001:f00::2f
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z3.cnzz.com/stat.htm?id=1279786795&r=http%3A%2F%2Fwww.patpaynter.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fklx20.zhgm1jglhk.com%2F&t=tianbiav.com%20-%20%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8&umuuid=17f4ed60a88806-047675b2c4072b-977173c-1d4c00-17f4ed60a8952f&h=1&rnd=774762053
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:4001:f00::2f Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:05 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 9.gif
cnzz.mmstat.com/ Frame 013D 43 B
463 B 456ms
99ms Image
image/gif 47.246.136.160
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=1126624236
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.136.160 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 08:12:05 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 video-play.png
klx20.zhgm1jglhk.com/template/m1938pc/images/ Frame 013D 2 KB
2 KB 33ms
32ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117198
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAExhuq6SoS0x8krFEAdbVa3vJqcv7u8PrvrfT8yls11SvqaJGfoNoi7ajpyq3hu4mf9Pf37Pav9PHkcEWRRXZCZD%2FPUO9lt9YiPi0MrtfAxHkRWansRxyJyufAMM%2BwTvZDkeYSdroRXDoBBHxVNssdceQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7b2b9de9213-FRA
expires: Thu, 31 Mar 2022 23:38:46 GMT

GET
H/1.1 200
OK 2935.gif
tp.dsdjclub.com/images/ Frame 8D8F 75 KB
76 KB 2554ms
215ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/2935.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: a9a48176690e08b805d98613f43571c069fe2d101924b47699cb536b0ca68f08

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:07 GMT
Age: 6901
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 315273a308562f71d32820da8b6c01ae
Content-Length: 77069
Ctl-Cache-Status: HIT from sc-chengdu1-ca02, HIT from gd-guangzhou13-ca09
Access-Control-Allow-Headers: *
Last-Modified: Wed, 26 May 2021 17:07:45 GMT
Server: openresty
Etag: "c9efc0a55152d71:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
ctyun-origin: 262

GET
H/1.1 200
OK 3405.gif
tp.dsdjclub.com/images/ Frame 013D 88 KB
88 KB 2828ms
508ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/3405.gif
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: 50e1e4167428213e7175e3078e78da48e15ecfac19e4afc5280f255c856e0138

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:07 GMT
Age: 8125
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 343fb04309efa0589c6d35f9b00880a4
Content-Length: 89910
Ctl-Cache-Status: HIT from sc-chengdu1-ca01, HIT from gd-guangzhou13-ca11
Access-Control-Allow-Headers: *
Last-Modified: Mon, 17 Jan 2022 18:23:45 GMT
Server: openresty
Etag: "a7edf5dcfbd81:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
ctyun-origin: 174

GET
H/1.1 200
OK comt.php Show response
yd.gxdianhua.com/DNEW/ Frame 8D8F 2 KB
2 KB 3528ms
3527ms Fetch
text/html 121.14.45.22
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://yd.gxdianhua.com/DNEW/comt.php?uid=14862&yd=1
Requested by: Host: yd.yuanqitu.com
URL: https://yd.yuanqitu.com/DNEW/xtb.php?uid=14862&m=60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.22 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 7fa98149a0d6f4d086a5d7078466a4157bd48108d078308d554a7b8413386f4e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Content-Encoding: gzip
Age: 58
Transfer-Encoding: chunked
Connection: keep-alive
Request-Id: da7950e17351e52d3f352c92de5a2a94
Ctl-Cache-Status: MISS from sc-chengdu1-ca02, MISS from gd-guangzhou13-ca06
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html
Access-Control-Allow-Origin: https://klx20.zhgm1jglhk.com
Cache-Control: max-age=5
Access-Control-Allow-Credentials: true
ctyun-origin: 246

GET
H3 200 xt12.gif
tnlapp.com/static/images/ Frame 8D8F 732 KB
733 KB 77ms
77ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt12.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/250.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eC7bZ4dGKcNrml%2FPgKyNY3g3Az3H7Rs4DCz6ncV09t18easVVC8fma4MtSj%2FPOLb8melBoo0HkSx0NSEDUMMkIOqyKx9mG%2ByHZGLpFBNVjQCIkpbQtY6UkNp3DdgdLZG7cFqQauTZnM%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b5d900c-FRA
expires: Sat, 26 Mar 2022 07:05:06 GMT

GET
H3 200 xt10.gif
tnlapp.com/static/images/ Frame 8D8F 609 KB
610 KB 35ms
34ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt10.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/250.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608821
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Mon, 07 Jun 2021 05:47:53 GMT
server: cloudflare
etag: "60bdb309-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckOESwImMde9UkuBx0m%2FLrQTydfH01r4R2yS%2B5EfbWyzTgVUFccZTNHcmKTqlohTY71ZzlrcP8l9tJ%2BsPP%2BPF%2B6sh4%2F%2Fware%2BYEWSXCu9Z2UQssfpw07KNUUbQWYZm1CUZhOfUBEFGfB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b62900c-FRA
expires: Sat, 26 Mar 2022 07:05:06 GMT

GET
H3 200 xt1.gif
tnlapp.com/static/images/ Frame 8D8F 433 KB
434 KB 68ms
68ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt1.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Mon, 07 Jun 2021 05:47:45 GMT
server: cloudflare
etag: "60bdb301-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7whW3qeAGXpZMKPAZlu4U%2BkMIuLQPsleDOtQWyCmqg6HjBLp%2FpTgCAHggLdIwI5Ge693KDuLoLCqU497zoMGhh5ViOzhN5YjSbx1UQoKa3X17scylNq%2FcisTPtPaUb9avcI9SLEhlZhk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b65900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt2.gif
tnlapp.com/static/images/ Frame 8D8F 368 KB
368 KB 48ms
47ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt2.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Mon, 07 Jun 2021 05:47:45 GMT
server: cloudflare
etag: "60bdb301-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw2eLOs3Jr%2FI16d%2BrTPTsvnWmXk5mar6DfHgcWFVyOwgYUWNg8FPK0KfOM0Vn9I%2FCj9Va5izASOfxIUTtcDlgtPGCAmKaf3hgJ%2FhfnIuPeFPZyScPJdBWoQplD6mlQwCY0FedHKKVqsu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b66900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt3.gif
tnlapp.com/static/images/ Frame 8D8F 189 KB
189 KB 59ms
58ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt3.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Mon, 07 Jun 2021 05:47:46 GMT
server: cloudflare
etag: "60bdb302-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sljNimnTHSXr11Ulab2Xir1uhxCsYtVXQ%2FrkFKj2s0Idl7VbDwPTufd51XnlaZJNjApnvUVUS2Ze7yeupZtqeQBRlOUxTbxhTe%2Bkww2ZV07LBW3QnJwN%2BZZI1kAn3QfgKaXKEUS0n85l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b67900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt4.gif
tnlapp.com/static/images/ Frame 8D8F 599 KB
600 KB 63ms
61ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt4.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2552d39b1e507bef8ff2d461a9798bc420e0e157eb57cec603ade1285ff0e65

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 613488
last-modified: Mon, 07 Jun 2021 05:47:47 GMT
server: cloudflare
etag: "60bdb303-95c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmWL7kOMaIjaD0KNsF0En2hJ5Z%2FxE1MAtD9izcEHOAMU6JO0N7yBQkP7Jgm3DDUQlV2l9HvNQBWyIDI3SGXpd3pVszayV6E4oSfHUYX6urRkYjRKl5O6sEpBYdO2gN4v88QUsi49Fivs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b6a900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt6.gif
tnlapp.com/static/images/ Frame 8D8F 2 MB
2 MB 160ms
158ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt6.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Mon, 07 Jun 2021 05:47:50 GMT
server: cloudflare
etag: "60bdb306-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rozY8WI4zGOix9gHEePguaDll8cDHdu%2FGHlqhJbQyUK05pjOK4xgqWmc9X66lopWqGsjweyMiwoXHYKP%2Ba3WVDbwcAItC93E8Vti%2FGkksO4v7ynHOB45aGVZudUtqB3JzZ8NRaSGt1X6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b6c900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt7.gif
tnlapp.com/static/images/ Frame 8D8F 263 KB
263 KB 269ms
267ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt7.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Mon, 07 Jun 2021 05:47:50 GMT
server: cloudflare
etag: "60bdb306-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRIoNJeBtNuU%2FQ0yF1NkhQQ8mF77%2BqJF%2FcJPjd8cbPrSRe4f9Wm18A2lR5ukscNCtPjHMfCFUVaGPZnrpfW3mymFoSbgZWsAfnwSyTxP2%2B9HcqtIynoq6YrHLM1T79S4mXIZ91S0VqIs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b6d900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H3 200 xt11.gif
tnlapp.com/static/images/ Frame 8D8F 2 MB
2 MB 281ms
280ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt11.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38998
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2TKXg6YxqOvu1LTRP5V3tzYpV5f8nGP9LsCX5wQIUHvLoH9%2BV6wGEQdwUZcRvfWiwCmYfa9SDhu7GjV%2BJEAV3GbMJAOKvhLIjU919zV3co7GHWTJ%2BQyBgH87LSjnRSbMzbexK19msVl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b6f900c-FRA
expires: Fri, 01 Apr 2022 21:22:09 GMT

GET
H3 200 xt9.gif
tnlapp.com/static/images/ Frame 8D8F 322 KB
322 KB 382ms
381ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt9.gif
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Mon, 07 Jun 2021 05:47:52 GMT
server: cloudflare
etag: "60bdb308-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYKftzm8IiT1EQjJAh1CKNpJYkQCkf%2BEIkHvsRsTS6zgiLMlYsfEyNwq2nronu0DOsgkVIXuVgguP1Vl9UoqwZq7B6vPf%2B9zeMdGoyJwaR24KL5HnPkHA07MzujcyLUrOeb0x2mP%2B8va"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c00b70900c-FRA
expires: Sat, 26 Mar 2022 07:05:07 GMT

GET
H/1.1 200
OK 54a2bf8c09.php Show response
g.ns-zhy.com/ Frame 8D8F 6 B
794 B 305ms
305ms Script
text/html 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ns-zhy.com/54a2bf8c09.php?a=11
Requested by: Host: tb.learning8808.com
URL: https://tb.learning8808.com/oitWTexq8uRCztWB/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / PHP/5.6.40
Resource Hash: ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:07 GMT
Content-Encoding: gzip
Age: 0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Request-Id: 74a7fe9d05d6de935992c5e186aa0306
Ctl-Cache-Status: MISS from sc-chengdu1-ca04, MISS from gd-guangzhou13-ca08
Pragma: no-cache
Access-Control-Allow-Headers: *
Server: openresty
Ctl-Server-IP: 125.64.6.25:80
Ctl-Server-Code: 200
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Via: 1.1 google, [44,zone-sc-chengdu1-cache-02.in.ctcdn.cn], [76,edge-gd-guangzhou13-cache-08.in.ctcdn.cn]
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: EXPIRED
ctyun-origin: 43

GET
H3 200 video-play.png
klx20.zhgm1jglhk.com/template/m1938pc/images/ Frame 8D8F 2 KB
2 KB 45ms
44ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx20.zhgm1jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZ0dvmMQFJBBck4aGkS5MEmtF8Yv4pdARkho%2FiBpReNakpi2z9JQTSDpEGZ%2BGOrsfWVOSsbSRhILvNOwG2BKRxbuXVPCn2TnLmgi2%2FDpviu1DZqtCAr2vQyGD0thcW3WHFLWI7Ev1MEjouPSP9kliy%2Fxug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e60e7c0191f9213-FRA
expires: Thu, 31 Mar 2022 23:38:46 GMT

GET
H2 200 z_stat.php Show response
s4.cnzz.com/ Frame 8D8F 11 KB
4 KB 247ms
245ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.cnzz.com/z_stat.php?id=1279786795
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: 97ea0dc683e5443b9dd8bfcd447c48e53da61b3ce0f9ca1a7eaf68f8a52f13ed

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 05:47:57 GMT
content-encoding: gzip
age: 8650
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:10:1086524572
x-swift-cachetime: 10800
x-swift-savetime: Thu, 03 Mar 2022 05:47:57 GMT
content-length: 4051
last-modified: Thu, 03 Mar 2022 05:47:57 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646286477
content-type: application/javascript
via: cache15.l2cn2656[33,33,200-0,M], cache42.l2cn2656[34,0], cache6.cn2570[0,0,200-0,H], cache34.cn2570[1,0]
cache-control: max-age=5400,s-maxage=10800
timing-allow-origin: *
eagleid: dde7533616462951274721247e

GET
H2 200 core.php Show response
c.cnzz.com/ Frame 8D8F 969 B
694 B 248ms
247ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/core.php?web_id=1279786795&t=z
Requested by: Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1279786795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: d48580212cfb631150bdea62cd14d6faff48bb6f7eeb59fb6b924b4c1f913e7f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 07:59:34 GMT
content-encoding: gzip
age: 753
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime: 900
x-swift-savetime: Thu, 03 Mar 2022 07:59:34 GMT
content-length: 620
last-modified: Thu, 03 Mar 2022 07:59:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646294374
content-type: application/javascript
via: cache22.l2cn2656[39,38,200-0,M], cache40.l2cn2656[39,0], cache34.cn2570[0,0,200-0,H], cache34.cn2570[0,0]
timing-allow-origin: *
eagleid: dde7533616462951277312480e
expires: Thu, 03 Mar 2022 08:14:34 GMT

GET
H2 200 stat.htm
z3.cnzz.com/ Frame 8D8F 2 B
123 B 1480ms
988ms Image
text/html 2408:4001:f00::2f
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z3.cnzz.com/stat.htm?id=1279786795&r=http%3A%2F%2Fwww.patpaynter.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fklx20.zhgm1jglhk.com%2F&t=tianbiav.com%20-%20%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8&umuuid=17f4ed61639787-016dc82646354e-977173c-1d4c00-17f4ed6163adac&h=1&rnd=1684778438
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:4001:f00::2f Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 08:12:08 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 9.gif
cnzz.mmstat.com/ Frame 8D8F 43 B
174 B 96ms
95ms Image
image/gif 47.246.136.160
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=1214449118
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.136.160 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 08:12:07 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK close99.png
tp.dsdjclub.com/images/ Frame 8D8F 594 B
1 KB 218ms
218ms Image
image/png 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/close99.png
Requested by: Host: klx20.zhgm1jglhk.com
URL: https://klx20.zhgm1jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: 1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:08 GMT
Age: 78617
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 96d84564bd2f005ccc5911c60f0941b1
Content-Length: 594
Ctl-Cache-Status: HIT from sc-chengdu1-ca04, HIT from gd-guangzhou13-ca07
Last-Modified: Thu, 02 Aug 2018 03:13:29 GMT
Server: openresty
Etag: "f7ab3ac9e2ad41:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK close99.png
tp.dsdjclub.com/images/ Frame 013D 594 B
1 KB 225ms
224ms Image
image/png 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/close99.png
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: 1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:08 GMT
Age: 78617
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: b07d0de901f3a3f413ae6bec3bed7432
Content-Length: 594
Ctl-Cache-Status: HIT from sc-chengdu1-ca04, HIT from gd-guangzhou13-ca07
Access-Control-Allow-Headers: *
Last-Modified: Thu, 02 Aug 2018 03:13:29 GMT
Server: openresty
Etag: "f7ab3ac9e2ad41:0"
Access-Control-Allow-Methods: *
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Ctl-Server-Code: 304

GET
H/1.1 200
OK 3254.gif
tp.dsdjclub.com/images/ Frame 013D 60 KB
60 KB 217ms
217ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/3254.gif
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: feea1eaa91c362380f6cf80cab7fe63335a89af3d2d55df309c5378124a42a85

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 5321
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: b173978562d2b7ee354613acb5f37882
Content-Length: 61134
Ctl-Cache-Status: HIT from sc-chengdu1-ca01, HIT from gd-guangzhou13-ca09
Access-Control-Allow-Headers: *
Last-Modified: Fri, 06 Aug 2021 13:36:04 GMT
Server: openresty
Etag: "aa52271c88ad71:0"
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Ctl-Server-Code: 304

GET
H/1.1 200
OK 3254.gif
tp.dsdjclub.com/images/ Frame 013D 60 KB
60 KB 224ms
223ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/3254.gif
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: feea1eaa91c362380f6cf80cab7fe63335a89af3d2d55df309c5378124a42a85

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 5321
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: d6a57b1fc21ed33ba0b5c8d6cc753e98
Content-Length: 61134
Ctl-Cache-Status: HIT from sc-chengdu1-ca01, HIT from gd-guangzhou13-ca09
Access-Control-Allow-Headers: *
Last-Modified: Fri, 06 Aug 2021 13:36:04 GMT
Server: openresty
Etag: "aa52271c88ad71:0"
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Ctl-Server-Code: 304

GET
H/1.1 200
OK close99.png
tp.dsdjclub.com//images/ Frame 013D 594 B
1 KB 217ms
217ms Image
image/png 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com//images/close99.png
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: 1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 78619
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: a6b6483c25e3096a901df215461c741f
Content-Length: 594
Ctl-Cache-Status: HIT from sc-chengdu1-ca04, HIT from gd-guangzhou13-ca07
Last-Modified: Thu, 02 Aug 2018 03:13:29 GMT
Server: openresty
Etag: "f7ab3ac9e2ad41:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 2977.gif
tp.dsdjclub.com/images/ Frame 8D8F 16 KB
17 KB 217ms
217ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/2977.gif
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: b9f6d9721b008dcbbb867187a36a2a32fd106486d20acb3f00da9c040eb0548b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 70047
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 416efc84369c85a1e334fa49e909f2d2
Content-Length: 16293
Ctl-Cache-Status: HIT from sc-chengdu1-ca02, HIT from gd-guangzhou13-ca12
Access-Control-Allow-Headers: *
Last-Modified: Thu, 03 Jun 2021 15:25:14 GMT
Server: openresty
Etag: "31c775a68c58d71:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
ctyun-origin: 232

GET
H/1.1 200
OK 2977.gif
tp.dsdjclub.com/images/ Frame 8D8F 16 KB
17 KB 219ms
218ms Image
image/gif 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com/images/2977.gif
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: b9f6d9721b008dcbbb867187a36a2a32fd106486d20acb3f00da9c040eb0548b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 70047
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 721e59af98f0c4626b7c504279ab1b4c
Content-Length: 16293
Ctl-Cache-Status: HIT from sc-chengdu1-ca02, HIT from gd-guangzhou13-ca12
Access-Control-Allow-Headers: *
Last-Modified: Thu, 03 Jun 2021 15:25:14 GMT
Server: openresty
Etag: "31c775a68c58d71:0"
Ctl-Server-Code: 304
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
ctyun-origin: 232

GET
H/1.1 200
OK close99.png
tp.dsdjclub.com//images/ Frame 8D8F 594 B
1 KB 216ms
215ms Image
image/png 121.14.45.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.dsdjclub.com//images/close99.png
Requested by: Host: www.patpaynter.com
URL: http://www.patpaynter.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.14.45.23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty / ASP.NET
Resource Hash: 1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://klx20.zhgm1jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 08:12:10 GMT
Age: 78619
X-Powered-By: ASP.NET
Connection: keep-alive
Request-Id: 2039cfdd21ea38188db1e38138d1022d
Content-Length: 594
Ctl-Cache-Status: HIT from sc-chengdu1-ca04, HIT from gd-guangzhou13-ca07
Access-Control-Allow-Headers: *
Last-Modified: Thu, 02 Aug 2018 03:13:29 GMT
Server: openresty
Etag: "f7ab3ac9e2ad41:0"
Access-Control-Allow-Methods: *
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Ctl-Server-IP: 125.64.6.25:80
Accept-Ranges: bytes
Ctl-Server-Code: 304

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1280914991&web_id=1280914991

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.patpaynter.com/	1970-01-20 01:18:15	Name: Cookies_KL Value: 1
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 971555158430CDED
.www.patpaynter.com/	1970-01-20 10:03:51	Name: Hm_lvt_b612079d928e97fce7171ee79868a9fe Value: 1646295121
.www.patpaynter.com/	1969-12-31 23:59:59	Name: Hm_lpvt_b612079d928e97fce7171ee79868a9fe Value: 1646295121
.mmstat.com/	1970-01-20 10:03:51	Name: cna Value: VWanGvTysHMCAVURHJdTezQa
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: sca Value: ba007832
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: atpsida Value: 39dd4600ce5cddb7d9bb045b_1646295127_2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.patpaynter.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s4.cnzz.com/z_stat.php?id=1280914991&web_id=1280914991, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.patpaynter.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s4.cnzz.com/z_stat.php?id=1280914991&web_id=1280914991, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8889357.com
api.share.baidu.com
c.cnzz.com
cnzz.mmstat.com
data.wssh188.com
g.ns-zhy.com
hm.baidu.com
klx20.zhgm1jglhk.com
patpaynter.com
push.zhanzhang.baidu.com
s4.cnzz.com
tb.learning8808.com
tnlapp.com
tp.dsdjclub.com
tujzac.com
ue3jfw.com
www.gg123456789gg.com
www.patpaynter.com
yd.gxdianhua.com
yd.yuanqitu.com
z3.cnzz.com
zigqnx.com
zndymj.com
s4.cnzz.com
103.170.15.113
103.170.15.53
103.235.46.191
112.34.113.148
121.14.45.19
121.14.45.22
121.14.45.23
136.0.141.3
136.0.141.5
154.23.245.118
180.101.212.103
221.231.83.250
2408:4001:f00::2f
2606:4700:3030::ac43:b6cf
2a06:98c1:3121::7
38.54.164.113
45.61.212.143
45.61.212.188
45.61.212.60
47.246.136.160
002d24c6abf2015d2635bb9e51812ba5906284d568e3f15b741eeee49400dbb7
04ce452cceeb517dc943056bec210aa1b81385ded72221d0e378724de872f054
0635bbc7f2a7320250f6a93679beafd25bd2a4a91c821d6b03490700ae609abb
0708d845c6f401e7444edb72d135f1ed22c2ef23b3be2e732c3d49265da06adb
07f837fc87342ae40c7d1c763f14cf91e041193daabfea0a241e2a74f0f39fc5
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
141da6ff07f20ba1dae3b137ffa4e2240c92282425b42593d75ae887863c1a9d
14380270398b6ab5a64a3c2ca7e3bd85bceb8f34f61e92147c89e55972f6f4e0
16061291fde455f895453dfe0d93bd614bec4bd56f9612757e15b60f737d7795
162eb757b36e448c19ba5475bf1f616fe13b33b0db1f030b9c816182c0710ad1
16c979054735f846511546676d96e89ca253fd16b20119f020b8c2bb1c47d121
1824978c1e05651e88e9d4ded7b204b6fef723b16a09ca46d49df0944e67f461
1a4d5f449b1c0a4ea0350b7fa99cb17121079bfa1714e805188b463484d2bc71
1a6e208486b4667a6fdb058184c1bdf230e0042c7ce579d614a0dca8c0a46852
1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
1e72a4a39a2600ab1eab7c4a7ee519860b6d02d47d76b092809ab1f2260be570
224c9e180d3e4582b93e4d6b0685b7dc220cc6dd0c100f5af5464d286ec3d55d
2818de9df2e84a4f89cd2a5e4a9b01f900a41abbe42f30ce795f8f512b0aec14
2c9a782076cff43d1f21b6793d40feee1292200b0e1b748abf86292e92604764
2e46c25165aeec9a5ab63d5e33e81cb44052236ecc2ba07824ef92134436e2e9
34828087dc10669f0fddd44df9e4b7eeacbc9d01c9e42955cae08ed3a238e79f
358ac7b26cf694cc28386d67ee604bc6e6ad967ad6c9339c134881ed68dc194f
35c7159b5d4851e6d7228f5f813b2f7a393f22fc56d3ea6ac50147a988bf45ed
3689e99467f7bc5ca6378b99e4cf45893ad611d2ac5e2f763030d81b595e8b4d
38ddb9ef6824c9e44d10365eda55c758628e6784d894156c5cf92c9b8911fb4e
3eff7ed01c8983e93d1fa9130a30df54d27df1f61556fce934a1fa9926cc9122
408cf82d77e42f25d4b635cc4cb4502f3de6699503f61df80346da479023a485
40eed4be7ec313b38f3213519cdf1e9b0730a025872278bc14e613fdbafd2caf
48154269d74debd70b5ac1bd8e4cf2376b34eaaf46acecfc47382b53b81944bd
48d9c97e960ea624115f37b50d82d86a168a5a866702656fd70aac7955ace5e4
497c49eb891c9b30be1f4268a1747032241ff5faa3bda79cf268e4f2f4046539
4f57f813f72ae2287bef8bf7c9c334e8912eea509a73dce143d816994b2cb185
4f5a4ccfc76ba88ee5137d66be94d473a9d1063a49b90b37aa01c8d1fb83eec4
50e1e4167428213e7175e3078e78da48e15ecfac19e4afc5280f255c856e0138
5349915475432a1fb7e3654fe4204a34160c83464cba25232c1756eb803d310e
58a610a1562fffa877359fb5328ae19b99b15b15dd2023e11cb6685b22c56c97
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
67651e716604cbfc0a227caef15b468e239be03075e7fb69aaea8cdb7cdbd30d
685f869567b7545ec731df077a42e0bda8fbb6191a8490052764160e7990d03b
69fe2ac490282aba84cc32a1fc3b2a7fa8aa6279b47c01a786d577689356b26a
6a1cb4b7a1265c00c0f30a10a2a13bda68f73b45b7a74bf057630048f7635419
6bbc3999ad9e1210bd5df9fc4fa82a68a6d8943651a5359fb3374b4863351171
6bd538fb6e84fca951672a58265f9d0dfdd16f714b37ca516b8a365cf9421b28
7743b20de9f21d13b507bc29ae259c25a0be059e77d796ba72e1b3a7e510a100
77f94808c4a06864e707d1c5127b7e2a8fe32188835a3b4e69b791d54d87b25b
78aa39b3ce76afad2c528a380fbe6835f2f3075bdbb41faa31afdd0fa984ba0a
78da7b0736af56185c39d94b3976d2560bf14cf66f68e0655b3e59a799b84043
7fa98149a0d6f4d086a5d7078466a4157bd48108d078308d554a7b8413386f4e
80a8fa2d4d86821b69dbdea7808a928f21b74fbff18f9074fa788f828b2288a2
83d794d71bf8d7f055794090c65433f0fca50f4f50501f81c53397157deffbea
8490e5a5cd9563cff60392302418ce3fcd2c277b1c749f169b348b4b38c10276
8a57cb4e5eaf240ac84ebe10388f3a6e411b794f9f16beb91482a5d5507cced1
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
8d47150bf44841c5cf6cdd90fc794f393cb0dfc8060f727c217d1913b8ca2cb7
97ea0dc683e5443b9dd8bfcd447c48e53da61b3ce0f9ca1a7eaf68f8a52f13ed
987f2137f8b591976b62f9fa502891f8a39c3e356397e6daf648ec2ca07f3222
99c230f6dda34920befd8af6152775b9399695744c3bb49940c3b26691578fcc
9fdf0799d9951ff180d5cf6efa7531a8ad7964418ca6b629df7b2a219241708b
a2552d39b1e507bef8ff2d461a9798bc420e0e157eb57cec603ade1285ff0e65
a2bb285b36f13b7b8db05efb01aca92aaca6f421c41f79c5fda7aa79a42bf6c6
a2d53d3ef2f1635760e7446235542b945d8f0df2d95b3ab535129b0b32199deb
a3baa28288b3e74cc37dd0ab5b38115b7df2a8a2f75c1276e3abefbef699aba7
a7140b4e4fa2574239ba8d00d9dae1931712e522f0932dd30fcf8b8e381df4e2
a9a48176690e08b805d98613f43571c069fe2d101924b47699cb536b0ca68f08
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
ab230e998eacc4e17557e2ab87f210db71e288990cc8a8d9fb9bcc46bdf97ba9
b0471feaca519c1740ed8d5633e0414f94d1848afabf1aa0cdaa7ad3151ded26
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b4222a7fa46c82fcbdc0f490e59144f40e71aa4ddfc452f50a40da1d53dc7b2f
b4276ffae8e95780a5d0d36a3096544b9b1ba58e448f71dcf8568f5e60270ecc
b4972e95543db893a0f079204e0c071a3dd38830f9087b735adad2f376d2ef29
b7967b2d61846d83a5dc500c9eb7e904c94f0044e19888651396cd0f853bb466
b9185aa819386b4eb6e06d570a5c56b80f4e7f18aacf4aeb72778c67525cae83
b93d6f671db8d0002d845adc37ccd7a3b46906ff323ae836c7308187d4bb0081
b9c8d72d1f4e1d46ed86f48c19c43a7c56e9977fb495bb27eb0d77fc5869a72f
b9f6d9721b008dcbbb867187a36a2a32fd106486d20acb3f00da9c040eb0548b
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
be80084ead2c4594da3857bca999a8a7e5f92842814840532b008231b2c76e42
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
c08e3845d44b02ea168865b9f08f67304ad0170418289b6867c832b4553556d2
c3510d2088a921a15d67f6f89d7e3f9a8d329e71403d5734e479a78445f43f51
c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1
c87baf1a5a8f73165ad1bf8f1396c8ab992e6091474efb11a2b664c5932d25b6
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cd3cb172962051a67ac8b86973659cf2bbfa0ff970b0767fa6eb073464f3e08f
cf2e6bcbbb91f5d53e33e3232e7a7f623861b1af444463accc94a998711b68e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d484a55336729e37b21d8e083654895c7f457831117a9b69ffd780c0c033801d
d48580212cfb631150bdea62cd14d6faff48bb6f7eeb59fb6b924b4c1f913e7f
d5363b8fcdd964b113a00267225a5057093bf50624ef769fc30d4c3cbf6dd433
d8b69a21942a9270c3bb3db017821ef68fc752655d4f25656be3752ffd7fb733
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
e02c6ae377976ea076855b3fdecf419fa5f5584ce8a7da9b9edc510b9fe912ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3be0b946f8491fbcdfa12502d0ef89cc171ee857ff2cd8adc28460d42abd3a1
e4c7bb3eff1a893b389887fea57f643a0fe29324cd90d3cd28ef03c9e82b1858
e4f33d56d98a54214716e3903e170ab014f1ef1302ae8ffa27b4f877d1c1b43b
e68fd3347698d703093244a4201c23c9314d4a4be7cdd1f00736115ca4c30b1c
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
ec72edc31a8bc63696e1735bc67738452ec07e8b03e5e3c231914adfcf2d59b4
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47
ed4bd823d3b3819a9a510d8d36a059babf366aa3bc319bc822ecf1d152609cc1
f61dbc7757858c86113ab3a7dc632936b7a758e4994847389d40350743db6880
fe6442924d9052e9db966a454172290c50beb894c8a4e47db1bbf2ab9fcf2cf4
feea1eaa91c362380f6cf80cab7fe63335a89af3d2d55df309c5378124a42a85

www.patpaynter.com Open in urlscan Pro 38.54.164.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

96 %HTTPS

15 %IPv6

18 Domains

23 Subdomains

21 IPs

4 Countries

27607 kBTransfer

28005 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.patpaynter.com Open in urlscan Pro
38.54.164.113 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

96 %
HTTPS

15 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

27607 kB
Transfer

28005 kB
Size

7
Cookies

226 HTTP transactions
0 data transactions