klxumibc.gettingshenstate.com Open in urlscan Pro
2606:4700:3030::6815:3001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://klxumibc.gettingshenstate.com/
Submission: On December 26 via api (December 26th 2024, 1:43:08 am UTC) from US — Scanned from US

Summary HTTP 62 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3030::6815:3001, located in United States and belongs to CLOUDFLARENET, US. The main domain is klxumibc.gettingshenstate.com.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time klxumibc.gettingshenstate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 28	2606:4700:303... 2606:4700:3030::6815:3001	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
22	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2600:9000:24f... 2600:9000:24f0:3400:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	18.195.235.189 18.195.235.189	16509 (AMAZON-02) (AMAZON-02)
62	9

28 2606:4700:3030::6815:3001 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

klxumibc.gettingshenstate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:3400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

emo75.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	gettingshenstate.com 2 redirects klxumibc.gettingshenstate.com	320 KB
22	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	3 MB
6	gstatic.com fonts.gstatic.com	72 KB
3	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 17022 emo75.matomo.cloud	41 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	109 KB
62	7

	Domain	Requested by
28	klxumibc.gettingshenstate.com	2 redirects klxumibc.gettingshenstate.com
22	cdn.jsdelivr.net	klxumibc.gettingshenstate.com
6	fonts.gstatic.com	fonts.googleapis.com
2	emo75.matomo.cloud	cdn.matomo.cloud
2	fonts.googleapis.com	klxumibc.gettingshenstate.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.matomo.cloud	klxumibc.gettingshenstate.com
1	www.googletagmanager.com	klxumibc.gettingshenstate.com
62	8

This site contains links to these domains. Also see Links.

Domain
t.me
en.wikipedia.org
www.mrcatdd.com

Subject Issuer	Validity	Valid
gettingshenstate.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M02	`2024-09-25` - `2025-10-23`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://klxumibc.gettingshenstate.com/
Frame ID: 939CFBD22BBCED62553CA2D70F124974
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MRCAT - Casino Trực Tuyến Tốt Nhất Tại Việt Nam 2024

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

95 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

3766 kB
Transfer

4838 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/bar168
Title: Đăng kí tư vấn

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Philippine_Amusement_and_Gaming_Corporation
Title: Philippine Amusement and Gaming Corporation

Search URL Search Domain Scan URL

URL: https://www.mrcatdd.com/
Title: HLV Diego Raul Giustozzi: Futsal Việt Nam đang phát triển rất nhanh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://klxumibc.gettingshenstate.com/font/fl-icons.woff2?v=3.14.3 HTTP 301
https://klxumibc.gettingshenstate.com/archive/rjzow-19e23399747.html

Request Chain 62

https://klxumibc.gettingshenstate.com/font/fl-icons.ttf?v=3.14.3 HTTP 301
https://klxumibc.gettingshenstate.com/archive/eicbj-90f8499825.html

62 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
klxumibc.gettingshenstate.com/ 80 KB
24 KB 1705ms
1649ms Document
text/html 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81924a24d744e28ec0b88d407d23590648242809de3fbbba1761e94d7fa9319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache no-cache
cf-cache-status: DYNAMIC
cf-ray: 8f7d60a289568c5d-EWR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 26 Dec 2024 01:43:01 GMT
expires: Thu, 26 Dec 2024 01:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIOP1Q5E6pDkKS12icrCYqi%2FYlRh%2F%2BUvR9a089NV%2BChLp07EBLuUOjJ2ld6yJ2fc8%2BSaRYiYC6S5qSsKCcd48BM0A9k7pvFGXjr6vyXSf%2BL%2B%2B2%2FS29LHVfU8ykgxRGaePOuvXujlvdl7CRiVzt9M72GhQdXErdCjz4p71Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 200 njxwu3y.script Show response
klxumibc.gettingshenstate.com/js/ 631 B
865 B 959ms
957ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/js/njxwu3y.script

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb27979b1fa940b9b8a6f15e7065e0d41df2d1dcfdaab8e7b3c49586ebfde51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8Kk6nhhml4%2F%2FJY2MYLqxN6HXcFftzjLxT4yKipuvZDlNHbvbAa8XIB7DI9it6W3MZLPnzfC4DrQbb6tBhRxdbXUGNIiuluxOgQgQtNe8SS03OD5A9%2FPC8NxsgqvDzBFcvAfTDJebQ%2FKI7GoO1T9%2FrBwexajKtKERZscog%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60acd9768c5d-EWR
expires: Thu, 26 Dec 2024 01:43:01 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 abf.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 2 KB
1 KB 462ms
458ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/abf.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340e3468700806e13e8340ed8e5cebb0408cacc86040d8485373f9c8b6755d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da6-911"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFslbgAX25%2FAihQPLeivCW4bvVz%2F6wr%2BtVX7BOUQ426fGHZ7zfvD0X7%2FK7xVZRDceSz46GZEM0F%2BKaQC%2BPdwXR09Mwxh0wmDEyNTIJrtVc7RE5PBesiMhJKchbngNL6QTdCe1X8MjX3TeYby%2BWidyjd9AQ6YyhVJDxsGOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace9778c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 50c.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 157 KB
29 KB 471ms
467ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/50c.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da4-2728e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvyQhrKUNT9t4cqEdh2N1X4oJGTr%2BlItjnr8kbj68YwtmYhqZrcofbQREF0bFY9XaiXDVvltBlOLJWZp0FhsKu9Nm8XCTtrs%2F8HCC07Fi%2B%2BGmXmkTzTdSa8CDYEXKpRjVpxJqFH7DdLhqLn7WkXcPMB3g76172PoguLEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace9788c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 426.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 4 KB
1 KB 458ms
454ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/426.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bd03b20ca696ff18a09ce99664fcb1619fb455d44df6064c786dbf1e9da76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da3-e21"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FnDiJZHE8OtqU4Iccxm%2BZjcdhBtT0iELP9h1kiJbGWfdWvv36GKVoY2YQIoorHNH3A3BlEuW8rIs%2BrvdqJ%2BhARVPlFHHWD5cVIgLNd7R8hvRQV17qVix0g%2BwL8APEubyVT8t7rPlm1tk6Ygo5W8D9loga2rQljv3h4CHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace9798c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 71d.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 7 KB
2 KB 482ms
478ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/71d.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704a59d920e39e608437f592af168ce66fd8abcf6b51d87747e63bc18c094d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da5-1ae1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ft5lL4sD9sN74uK0GQ1yqsrb8UYIb7QBmtwN5GHNHKA%2BCCQPKpx0HQu%2BNY9I8bgQ6swPF%2B5hedxURy6nhNLG%2FY6dtsroTSzD5Etl%2FYiQV%2FoqiVZmI1pg1cASBKq5RiTPxslzqUQ9IrftLPYKDMiOafRlpt99Iov32v3k2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97a8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 aee.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 14 KB
5 KB 456ms
452ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/aee.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe22bc72414a2bdada9060ccf9a2e81a9f56236d39f07ab0f0ece67f58b437f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da8-3767"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHN1v7ppV4Hfx1S00jPDj2yyq4mbWqFMLOMqa%2FCEQ2N%2Blyhy15FM20%2FqhlDCj5mGhQB8Kxtg1pd5FISnf%2BPiC5keN0o%2FMrKkk%2F59DaXn4%2Fiu83yogWR28tbteuqOwWPl5YNkVEfXSruIWO%2FouO9c7grTq4OnRFVKKQzkvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97b8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 47280.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 5 KB
2 KB 454ms
451ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/47280.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1937047444f67739c45269ac8e6e5a460afe8c39b2ca463432ec7a4f9b9f13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da4-13b1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZo%2BUkcZfhbTb7GkuvpRe4fDvHwUdJ7zxmBwxLmjvzZ5MgW98tcj%2BlWURtbI89phHdwq0jigOlhd6gyG2x9NdQEf17oCALInaAlSPn8eptr3kHz6Xyl6QAGsmBhIay%2FvBMh01S2whoEW7n20cnccZdpOYJnPuYwmmq7k2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97c8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 94708.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 169 KB
38 KB 479ms
476ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/94708.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb8930df43888d2e06f13a6991200cafbdb42bcdd3d0bb51702a171540eb37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6da6-2a41b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nd4cMoUtGzuztP3uqhxAbJ0EqiFIAVkyOhGU9Bq6I917qVYEK1UV8AZC9V5apkrkpLwGJFYuK9gHIcyc%2B7WMYmAldYKOeFEmOMtzW57fISpnU2Vs%2BePy6AQZlfKPTtj4rCL52dhItdJC6wsvFL81MLdg%2FANqBwjpYc29Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97d8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 42ff.css
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/ 1016 B
1014 B 476ms
473ms Stylesheet
text/css 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/42ff.css

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db38b1f8dcf8e2e199086bbaecb2415d5a9d8e57e563167c456aeadce644909e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"655f6da3-3f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDzy3lGdkA5qkDtZxBDF%2FKf7ACOngBg225Raw4y%2F59p%2BHeOcBKEyV9UV3Ut%2BsXy40rAaYuxQd4vwAQBSpl3fPVAuWkAMjbiEaXksKqfT%2Bi4N%2BHPy4yzr%2FpgWV7LScfgyOMTshnzpWNzhB3S%2FTber5F%2FoXoQjsOK%2BOx2SxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97e8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 15:20:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 44ms
23ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 01:43:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 01:43:01 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 26 Dec 2024 01:21:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 jquery.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 88 KB
35 KB 472ms
470ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/jquery.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e7b3bb73807e4baa6b3741c7f87911532375748ada924909c04b4b9a721cc4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6db3-15e1b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vU3pM0eyoSH1wzwLimhLjLxWQqKrCV1g2BlWpLbZ4XUO%2B8Hbi38Nx2rIkB17XmIs0irVRr1nPZRqDCatw%2BgykUEuMHcBLQ0jIHsMRAZuM%2FfPTpanrxpPiv%2BnYDCBmvg83EWu5GOyb2SMVTgbDfz6mP%2F682PVu91Ik309tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace97f8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
109 KB 56ms
40ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9537K8XZ6X

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

838cd45304d1966ade88351d7ad820a511fb6eea9438431bb290e2695d80310e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Dec 2024 01:43:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110864
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 202311221642540.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 56 KB
56 KB 68ms
47ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221642540.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b49323371591deef0f31ad2446fadcd0418c3c0290d135011690586e6d21c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"deeb-BbAAnQq4wa/5Kgm4yDLmLzegEBc"
age: 23442
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:01 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230126-FRA, cache-lga21960-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57067
x-jsd-version: main

GET
H3 200 menu.png
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/img/ 183 B
692 B 471ms
469ms Image
image/png 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/img/menu.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ba89f575b25da0d1a5f5f94800441e164ede99efc1ca2f7605bab1c7eb33171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

cf-cache-status: REVALIDATED
etag: "655f6dab-b7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOurOhCi803WL1lymZlUfAU%2BUs0csGtYIZsQz52V%2BzCQ0KYMMEEOSoxNF%2FSXXBt2Q0gelLvyl4IzZBHTTZWAXAIQPurtuqIzXrYf4q%2F5dG97Hp7Q5qzwxEDmGl2GUQZyGiSN%2F33e%2B%2F2RtNboijhTkIfdM%2BnajsljaDbI8A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 25 Jan 2025 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
last-modified: Thu, 23 Nov 2023 15:20:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f7d60ace9808c5d-EWR
accept-ranges: bytes
content-length: 183
server: cloudflare

GET
H2 200 202311221720185.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 157 KB
157 KB 7ms
6ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221720185.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3323b92cbb791a29e8c82e947f96b008371f1cf7cd431033e1744d7117c975e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"273bf-LXUQWW97fkAPtOid6eDLPtDhpm0"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:01 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230075-FRA, cache-lga21960-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160703
x-jsd-version: main

GET
H3 200 202311221840822.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 188 KB
189 KB 7ms
7ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221840822.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecd9ca885c0196f7d8f8f55342728daf2e718493d92767d21ac2bce8b6f2aabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"2f1f0-E0MNo12oPbVYwUd2wMWWKRdmHJU"
age: 37881
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220041-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 193008
x-jsd-version: main

GET
H3 200 202311221854843.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 165 KB
165 KB 6ms
6ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221854843.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9200967457cb55b6f4a190fdea1b1ed26dc055a10f7057d555e521192e9d39d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"29341-COM6sVIUa7qAYc/caIudNAC1k8c"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220114-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168769
x-jsd-version: main

GET
H3 200 202311221908217.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 19 KB
19 KB 5ms
4ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221908217.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0becc11cd2eec0e9497414312e1dbbfab57dbdd6a160285c921308eb0d597113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"4a7e-7A7D+NKrtpWr2xlzB4zOc7rs8LM"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230162-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19070
x-jsd-version: main

GET
H3 200 202311221908143.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 18 KB
19 KB 5ms
5ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221908143.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b6b5afead5250fc0d834e3503ec367f48c48bc6717db3ee7cd057b0f8507dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"4904-AcyxjWCrRIu8rkyU+KBEaE05l/s"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18692
x-jsd-version: main

GET
H3 200 202311221909838.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 26 KB
27 KB 6ms
5ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221909838.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1eb0d3016c03ff33edafecf1ef1b210f9b1fd93c2baf54fb5db169a2eea897c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"698e-hccnD1C18m+0bYjpyQTpINGuLVk"
age: 8407
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-etou8220133-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27022
x-jsd-version: main

GET
H3 200 202311221909315.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 30 KB
30 KB 460ms
460ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221909315.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

54d7374b4bab45ea1b09d80f59f21ddcee60d673a28330ad3e9ab6f3d15877d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"7624-Oe0RO9YKVYZzCqix4L9OY1LwIaI"
age: 0
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-etou8220157-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30244
x-jsd-version: main

GET
H3 200 202311221910761.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 80 KB
80 KB 7ms
6ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221910761.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e190623c767eb1aad36879ea4e44d365495fd81712acb8f3af34348ffd5d85a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"1409c-blNvqiVjNOm+aZ7p//4uM21enqI"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220092-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 82076
x-jsd-version: main

GET
H3 200 202311221913692.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 86 KB
86 KB 7ms
6ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221913692.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37f0727d5de0e739f4da82162c178eb2cd68f619d3789a55be39a8588c1b8c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"15642-gXx01tvyyJaiCY5f4mZPvc6gjUk"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220139-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 87618
x-jsd-version: main

GET
H3 200 202311221914856.jpg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 110 KB
110 KB 7ms
5ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311221914856.jpg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3eb2f397e3187e28a44dcc628ea09db2a7e6cf40ea372e5ff2a5952df7791ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"1b7f2-resX68HcSXYUKRAlVYhmCa4LpMc"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230044-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112626
x-jsd-version: main

GET
H3 200 202311222104201.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 54 KB
54 KB 9ms
6ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222104201.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57125871ed6dab16f1238e972973f922a44e81e68c3fbe51cae3c4da16be74cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"d622-23CvWv/NxBeWYjXDImSYxWsW1w0"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220146-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54818
x-jsd-version: main

GET
H3 200 202311222108799.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 1 MB
1 MB 703ms
699ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222108799.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ac6c0e1fcce59172a6240a3c1e63a09026113de514592fcff693274f25249f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"15906b-kHH8P7OSXuGptDhgD0eN9yFSSf4"
age: 0
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230133-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1413227
x-jsd-version: main

GET
H3 200 202311222111030.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 50 KB
50 KB 12ms
8ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222111030.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b07bd0c9ea94340597e32a72ab2b150cda266cc452c59bd0ea23ce21ca593b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"c79d-NDQtEIj+yF/HiXMDTnMjwf/V4qQ"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-etou8220126-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51101
x-jsd-version: main

GET
H3 200 202311222115065.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 56 KB
56 KB 17ms
13ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222115065.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

723c0e92a5c8d2a86474f69a2e14fd27bf433ae8ab8450054c3535d917510830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"e00a-Ka1iJLlVwu8iyifHgDGLCsSMJRk"
age: 17528
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220117-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57354
x-jsd-version: main

GET
H3 200 202311222116098.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 72 KB
72 KB 13ms
9ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222116098.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

699a264cd35936132dd011da5bfac500ac2193ecb0d88e284466f35d91216f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"11e22-RLOgvhQDAoJHzTcQSyBeAGp4aDY"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220159-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 73250
x-jsd-version: main

GET
H3 200 202311222116849.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 78 KB
78 KB 14ms
11ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222116849.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b29ccb9fba9212445df25e47a4eb30513765733f742f13893c58d070f9d6b2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"1380d-t+ZLvChUy82VJbbiz80gz538gqc"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220114-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79885
x-jsd-version: main

GET
H3 200 202311222117991.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 54 KB
54 KB 15ms
11ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222117991.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

398cf14461f64b9197113ea006cbe148de2a85c51e80b513e4052b6ac94082c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"d773-T4uzpsQ1OzqFCNmIEKPTvccg44c"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-etou8220112-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55155
x-jsd-version: main

GET
H3 200 202311222119339.png
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 423 KB
423 KB 14ms
10ms Image
image/png 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222119339.png

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae3ca04287516afe4b63e6aca4ca96c891d4e968a648219985343220caadd27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"69be0-+VW0q/sftYuo9XjWnsZLVzGWVFA"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230074-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 433120
x-jsd-version: main

GET
H3 200 202311222120903.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 91 KB
92 KB 10ms
7ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222120903.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a927f1cc3c555a06066bacb7eeafba771cb24da2403c08dc32e06faafd93127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"16dbc-Zdl0fKM+321jmUepCmlvuSCom3Q"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230107-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 93628
x-jsd-version: main

GET
H3 200 202311222122081.jpeg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 22 KB
22 KB 11ms
8ms Image
image/jpeg 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222122081.jpeg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

117e2b63199e2b14e0016b4e46c8e7122a828c931d7545b65460e3483573536f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
etag: W/"573d-83YyyuGi3upsPXIwbEdyHyDkr5Y"
age: 17529
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230139-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22333
x-jsd-version: main

GET
H3 200 202311222128359.svg
cdn.jsdelivr.net/gh/goodreput/mct@main/img/ 1 KB
937 B 10ms
7ms Image
image/svg+xml 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/goodreput/mct@main/img/202311222128359.svg

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f8a8cdae1ecbed94a44a92ed2e1255714d431987f4475585f48013f3e7e47b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"565-KuRb6XNb/FvFGqMFq5f5xeY3cgc"
age: 23443
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: image/svg+xml
x-served-by: cache-fra-etou8220039-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 577
x-jsd-version: main

GET
H3 200 5f3e.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 13 KB
5 KB 441ms
438ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/5f3e.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d595aa418add6675e08da22e72cfe81f9e0dbc25aecbdda946fb085f62dd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6dad-321e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaDDzH9KFPEMH%2FnDAazmsIztGQL1ZCTUa6I2ND66fUN7k35Rce0cxpoz%2BU5Uat%2Fz3zYG%2BhELjWhWgiXcqzTgV0q3c7wJtYxzGTytxF0FyjcWgNgBPvvfckmkWU7785ah0fykhu6ZdikEePq7k4VCNdWGmL%2Bd1NXpMuuLtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329968c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7199.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 15 KB
6 KB 460ms
457ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/7199.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

966404805d4f7875cb31e1047f6a5fdc1bfd4a0ed99958cfc94a7612b2a1767d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"655f6dad-3a9b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXTIOk0GwmMi1JjY5SUqmuoklfPorzFDtddXtTjolv05iZC6OLxIbbKcAGUJ5bdSZOKBn5Q3uDKv0OPQOb8tRUHIwdEvflVZz1vTr6%2B%2B5IXShYSe%2F8DWTAqgMYrd8MgRuAU%2FpsCe3wO4wI3yy83ljRnmGR3XR%2BhXIm0AmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329978c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 e3cd.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 41 KB
14 KB 471ms
469ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/e3cd.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21bb877a4e54e90f3e60b41fbf950d09ceaf5eae88dcfbdcdfc4f415c9669fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6db0-a5ed"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BSmbd1WeLQMvdByal%2FWMYOYaXRX8stN4OMDhVSIGxju3cn9Q705Q8YpVcRIMJQSQU45o8%2BFtk7ppb%2FwkVt1rzUbblyoDJTDmWsf%2Fq6tbLrgsUt%2BwyLbwJXy0qWvFqdOA4VX1oc8VH1BbKLInXDwy9%2FOwzIVS7NP3SO9ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299a8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 2934.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 3 KB
2 KB 448ms
445ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/2934.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70adb76480600ae4ce919717372f9a3cdddf674df2a3f3508bd48d6c3143f15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6dad-c29"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHC%2B9U3S5nXePRkWRYJc%2F0Pz%2FeY1%2FxQILRM0keckJrB3xgIU9QnU2gJQNF8s3h9nFpU5NeWlfmHCsa%2FoeCLgJUbgpYMAXUUbRgGU7PLpUROHyqf%2BqJS1lXCHjbGHzPKAUvxpiv2UjkfnJwayffRwFEiPE7GNKu%2BOnqC6QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329988c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 instant.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 5 KB
2 KB 449ms
447ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/instant.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a368f010d9e6405dbb76ae8488cf8003b9cbc7b31d8ffab69ce0fc5b4a20b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"655f6db3-12dc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYhy0LRYFjXIKRNYKmATUFSX1TNx8o9f3pznsFMA8B2VlIPnV50TbSHKlSa63zGmKFUt3lEiW6gY%2FoMIegtgruly1oO2BREMtLi4zDgwBeVlc%2B4C2ujYub9dKN28R3zmLXrlTk6IB1ozbwujUuhmeHitbbLw8Lrzuh7FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299b8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 8068.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 16 KB
7 KB 448ms
446ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/8068.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6224c9a7fe8a2d6aca827df9dee645632a1a059752e4a257d9449e1ad5d532e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6dae-4125"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAX7au95KMkwIoSnbEv1r0eAKrhuTHcoA5myluxR1kkVufZFEIJ5ajI2rn%2BuEOzBwTyNxOyS%2BEIMwenAXf7rcsjehqbHeDvmkkLWrEEKLp%2F5b6eTstvVm0WQ%2BOLtPQ5htU1oSd%2BtdmQBApgiK%2BSDEYAqobcR4mBMKdoVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329998c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 f8ff.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 10 KB
4 KB 475ms
473ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/f8ff.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96d3abb77492d64a38c4d2177b290b206f5168f12c0b28a630946f550051f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6db1-2806"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AO1zVUWgYrssFRIJNQUoqBkkO7u%2B42%2BprGyEgEFQ24mxt%2FjDcMQnsOTzF5Sxt663%2Fu33j%2FmkWDUSYcQNGXg%2FyC7v%2F5iitchjxTgeNgqlArdjakyoDgMMO9ocCaaBXtBSRNmRmfFUGgnHJfi%2F0NiAk22o26Z3VEZ12W1AGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299c8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 f3d9.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 8 KB
4 KB 457ms
454ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/f3d9.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce2a8be23b8ecd34744873d9c4c9c5c03312ff3cc6c901047303d7a8239e9fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"655f6db1-21fc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQJbDmqBS1Bg8zJRo0xLg%2BwvbzvBw8v24K0KXHpSfo2iHRPvZGap5EKijNNWghjndvjVnngFsfcD1NX4CCxrzFQnTHP92rwwNe5v1ovQMPQx0RQB37kuVfw2Hf0YhYKiyga7kPsp2c63TwRcr610dQPd02FMfftd%2F12Dug%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299d8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 b19b.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 115 KB
42 KB 454ms
451ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/b19b.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8e8fb35e05e8fb310e53f059cf7219f93333a994fc9b5414348cfb4102a9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6daf-1ca0a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h73cZKCZnfQOs6YzSgZJdIXubzA7BpVEdBOClTz9fwrNZPgjteYg063wThcrvLsMXxendTpBLRTzyCRdr8mDTHSxRPsN6VdljpcnkHrPBz0XJvoawmd9cnBevhW1to%2BocZ9PzdnWp40DM5nFqfxJhoQsCYUa53F5O6wyRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299f8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 9983.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 3 KB
2 KB 460ms
458ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/9983.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f09241590bbd6cabf7743eeb67aa7d8e082147f3033b18c6d6dd779393ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6daf-df7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FQr3zd%2FDZacJt5b5XFb6mreKVdT3IQhPuH1HVyFO3iBO1kEf9vDZEi6P0BIXat8IX7n2loovcgH%2FX8gtcekryZrsY4%2FBgN5QosaPP7tQea1sRJLpxwVMry1jkqe2vvLJQC27DqGZepYxslMZ3btjJCO9AYs5jt53tgtiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329a18c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1b3c.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 159 KB
52 KB 472ms
470ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/1b3c.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4042379818dacdc1bc369c99e44621c8b38231e853a409483ad610b57f8370b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6dac-27a5e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoOku8myboIuXHNOa6ekL41GqjfFAdxqzi%2B%2Bh4TPnG0o1vDhv3yCINnQqVGbaYCKRk6Jj%2FwmQEeACwEkcum%2BU%2FboYEl7OiYpBfMk7P2S7nIjORB8ZD3eb89YYOAzrW23PucIBG%2FLq2XBTi%2FKhcP1gA2qFSF8auc0YqIpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b329a08c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fa03.js Show response
klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/ 4 KB
2 KB 468ms
466ms Script
application/javascript 2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/fa03.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80dd8958438bc4f32a1cd084d4e404201d6a45e4e0eb89de71d2be2df22fa00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"655f6db2-e6b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srYdKMHJi9u2gksbvj5YgE%2FemF19TTRLuVmlXvP5WrbBK3Ke6Ue6FSWJRrlukk9ePAktoj9opLY0NSUilOQERFhvBmtcoi7H313%2BzVRF%2Fdlj0F2bPSXUm8OmMbU75IeoHkLkGtiZT63fhle3PG9AwKu7Vb6ttjPE6SG%2Fpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b3299e8c5d-EWR
expires: Sat, 25 Jan 2025 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 15:20:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated Show response
/ 99 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8310c25f96c9c0baef44b5f8953d3d34399f45dad1776a46574ac2cdd4e5c428

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 35 KB
2 KB 24ms
23ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/css/42ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61c7a5d0c2a80afafe4c818c8e8747dab5c0853bb39a19aa2ffb1879e8e5e099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 01:43:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 01:43:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 26 Dec 2024 00:40:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/emo75.matomo.cloud/ 135 KB
41 KB 548ms
520ms Script
application/javascript 2600:9000:24f0:3400:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/emo75.matomo.cloud/matomo.js

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f0:3400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af8913dfc6809e356c063d03d09a032b00a97369a85447e06e85b8303bf5cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=691200
content-encoding: br
x-amz-version-id: MkS_3IassydVSPRNcbPyAKCM6ZP3IY8S
etag: W/"44f4848388dce20961c1ffb5debaeb75"
via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 5nNKZjrlsMGXaPqTkLB4-GHczzu9kg9OL6RX0qQs-2uZ9DzebnpVVg==
date: Thu, 26 Dec 2024 01:43:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 01:49:19 GMT
server: CloudFront
x-amz-cf-pop: JFK50-P3
vary: accept-encoding, Origin

GET
DATA 200
OK truncated Show response
/ 104 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 417c759c3068eab336245e9799fa2d4b2bb2fcf5c6d192514ef6c8b3ad015df2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1012 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 210d0035c2c20d1c11dfdc40c7a5d3bf852ae44d9073ead223ad3c480df55599

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 22ms
8ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 478375
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 12:50:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 12:50:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12304
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 19ms
5ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 47910
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Dec 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 19ms
5ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 477276
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 13:08:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 13:08:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3

200

rjzow-19e23399747.html
klxumibc.gettingshenstate.com/archive/
Redirect Chain

https://klxumibc.gettingshenstate.com/font/fl-icons.woff2?v=3.14.3
https://klxumibc.gettingshenstate.com/archive/rjzow-19e23399747.html

64 KB
19 KB

510ms
510ms

Font
text/html

2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/archive/rjzow-19e23399747.html

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

359d6bfe98e7627bfe133f4ac2f7831764afeb81977b5f21a88903f590811c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, no-cache
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWdRg%2B0z7MGZZN9OOLq2wpOQGCyw8JuqE%2BtzAmof6JvGZVvf37FzklNzofRPjmFnD5kq3lGV0ydBshrGN5AVC7PpNeVx%2FVJ6pLH6H%2BvRHVrziXnJaA1cBppIDgAFYrgRlKWcn5bYpVsxCHnJ6KKbXuFdabQeEqKel%2BJLnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b859c28c5d-EWR
expires: Thu, 26 Dec 2024 01:43:03 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://klxumibc.gettingshenstate.com/archive/rjzow-19e23399747.html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kz8VHnPm8TEu%2FplmscoXH1RaB0E2S2Iy3SgSuOUpiyHT3T6TkM37Ljin2HAJXHk7HMFViIHp1WwWNsPVPcitAzGJOKRs%2F7TgFKz6zB3dSPSDMbgjzUMdoJ3lf%2B56ifMjyrB3vjHjw8GnoCU2Wa%2B%2BJmSuS0NXMKsD8iruwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60b389a28c5d-EWR
expires: Thu, 26 Dec 2024 01:43:02 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 21ms
8ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 473942
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 14:04:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 14:04:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5708
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 6 KB
6 KB 20ms
8ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 537914
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 20:17:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 20:17:48 GMT
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5796
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 16ms
3ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://klxumibc.gettingshenstate.com
Referer: https://fonts.googleapis.com/

Response headers

age: 506183
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 05:06:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:06:39 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12456
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 40ms
18ms Fetch
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9537K8XZ6X&gtm=45je4cc1v9123526819za200&_p=1735177382898&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=533126474.1735177383&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735177383&sct=1&seg=0&dl=https%3A%2F%2Fklxumibc.gettingshenstate.com%2F&dt=MRCAT%20-%20Casino%20Tr%E1%BB%B1c%20Tuy%E1%BA%BFn%20T%E1%BB%91t%20Nh%E1%BA%A5t%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2894
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9537K8XZ6X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://klxumibc.gettingshenstate.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 01:43:03 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 matomo.php
emo75.matomo.cloud/ 0
184 B 324ms
134ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emo75.matomo.cloud/matomo.php?action_name=MRCAT%20-%20Casino%20Tr%E1%BB%B1c%20Tuy%E1%BA%BFn%20T%E1%BB%91t%20Nh%E1%BA%A5t%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam%202024&idsite=3&rec=1&r=613794&h=15&m=43&s=3&url=https%3A%2F%2Fklxumibc.gettingshenstate.com%2F&_id=06fa68ef2a0cb4dd&_idn=1&send_image=0&_refts=0&pv_id=hFSXMz&pf_net=56&pf_srv=1648&pf_tfr=263&pf_dm1=1097&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/emo75.matomo.cloud/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://klxumibc.gettingshenstate.com
date: Thu, 26 Dec 2024 01:43:03 GMT
vary: X-Forwarded-Proto,User-Agent
server: Apache
access-control-allow-credentials: true

POST
H2 204 matomo.php
emo75.matomo.cloud/ 0
183 B 126ms
125ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emo75.matomo.cloud/matomo.php?action_name=MRCAT%20-%20Casino%20Tr%E1%BB%B1c%20Tuy%E1%BA%BFn%20T%E1%BB%91t%20Nh%E1%BA%A5t%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam%202024&idsite=3&rec=1&r=768290&h=15&m=43&s=3&url=https%3A%2F%2Fklxumibc.gettingshenstate.com%2F&_id=06fa68ef2a0cb4dd&_idn=0&send_image=0&_refts=0&pv_id=xY33JN&pf_net=56&pf_srv=1648&pf_tfr=263&pf_dm1=1097&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/emo75.matomo.cloud/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://klxumibc.gettingshenstate.com
date: Thu, 26 Dec 2024 01:43:04 GMT
vary: X-Forwarded-Proto,User-Agent
server: Apache
access-control-allow-credentials: true

GET
H3

200

eicbj-90f8499825.html
klxumibc.gettingshenstate.com/archive/
Redirect Chain

https://klxumibc.gettingshenstate.com/font/fl-icons.ttf?v=3.14.3
https://klxumibc.gettingshenstate.com/archive/eicbj-90f8499825.html

65 KB
19 KB

1033ms
1032ms

Font
text/html

2606:4700:3030::6815:3001
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klxumibc.gettingshenstate.com/archive/eicbj-90f8499825.html

Requested by

Host: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/

Protocol

Server

2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3c8680015c884d55466a1dd3ad27513a91268dc07062df6daf770f3e034d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://klxumibc.gettingshenstate.com/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, no-cache
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGS5%2BPoY5ZrvSMXuzv8C5LypRtaAJP%2B8xxQkFVebD3luNV73RAS6nBZszQTE2N2v0N2HAhagXjf2PGuvoNljr59ISgbOAmuaTNziLxATbx9RrzEp%2BIiRWJHD7gybcT0i5QfkDqFIc10lkFk%2BhDdq4Hsc%2BpH6MPL62Wje5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60c33a148c5d-EWR
expires: Thu, 26 Dec 2024 01:43:05 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://klxumibc.gettingshenstate.com/archive/eicbj-90f8499825.html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbPML0XnryavHKH6LgZZuCU00fMMRkjayekCZaz8CwewslBhOHpgF70QqxAJWCwop7qrCdfHRhMzawSnH2acoOLV0vIjiEac1F2lW4SaXHov%2BlLaM2gnfcB2wC%2B8KmZ69O0yskx6jwKSNNWVobT2fxtU93uHvQpOhuh6yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7d60bc19ee8c5d-EWR
expires: Thu, 26 Dec 2024 01:43:04 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 01:43:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET fl-icons.woff
klxumibc.gettingshenstate.com/font/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: klxumibc.gettingshenstate.com
URL: https://klxumibc.gettingshenstate.com/font/fl-icons.woff?v=3.14.3

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gettingshenstate.com/	1970-01-21 11:35:37	Name: _ga_9537K8XZ6X Value: GS1.1.1735177383.1.0.1735177383.0.0.0
.gettingshenstate.com/	1970-01-21 11:35:37	Name: _ga Value: GA1.1.533126474.1735177383
klxumibc.gettingshenstate.com/	1970-01-21 11:25:32	Name: _pk_id.3.56a7 Value: 06fa68ef2a0cb4dd.1735177383.
klxumibc.gettingshenstate.com/	1970-01-21 01:59:39	Name: _pk_ses.3.56a7 Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://klxumibc.gettingshenstate.com/template/vncasino/hi88.fan/js/1b3c.js Message: Listener added for a 'DOMNodeInserted' mutation event. Support for this event type has been removed, and this event will no longer be fired. See https://chromestatus.com/feature/5083947249172480 for more information.
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: Failed to decode downloaded font: https://klxumibc.gettingshenstate.com/font/fl-icons.woff2?v=3.14.3
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: Failed to decode downloaded font: https://klxumibc.gettingshenstate.com/font/fl-icons.woff2?v=3.14.3
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: Failed to decode downloaded font: https://klxumibc.gettingshenstate.com/font/fl-icons.ttf?v=3.14.3
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: OTS parsing error: invalid sfntVersion: 1014195058
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: Failed to decode downloaded font: https://klxumibc.gettingshenstate.com/font/fl-icons.ttf?v=3.14.3
other	warning	URL: https://klxumibc.gettingshenstate.com/ Message: OTS parsing error: invalid sfntVersion: 1014195058

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.matomo.cloud
emo75.matomo.cloud
fonts.googleapis.com
fonts.gstatic.com
klxumibc.gettingshenstate.com
www.google-analytics.com
www.googletagmanager.com
klxumibc.gettingshenstate.com
18.195.235.189
2600:9000:24f0:3400:c:7d55:b3c0:93a1
2606:4700:3030::6815:3001
2607:f8b0:4006:809::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:824::200a
2a04:4e42:200::485
0becc11cd2eec0e9497414312e1dbbfab57dbdd6a160285c921308eb0d597113
117e2b63199e2b14e0016b4e46c8e7122a828c931d7545b65460e3483573536f
1ba89f575b25da0d1a5f5f94800441e164ede99efc1ca2f7605bab1c7eb33171
1eb0d3016c03ff33edafecf1ef1b210f9b1fd93c2baf54fb5db169a2eea897c1
210d0035c2c20d1c11dfdc40c7a5d3bf852ae44d9073ead223ad3c480df55599
21bb877a4e54e90f3e60b41fbf950d09ceaf5eae88dcfbdcdfc4f415c9669fdd
2b49323371591deef0f31ad2446fadcd0418c3c0290d135011690586e6d21c7a
3323b92cbb791a29e8c82e947f96b008371f1cf7cd431033e1744d7117c975e7
340e3468700806e13e8340ed8e5cebb0408cacc86040d8485373f9c8b6755d69
359d6bfe98e7627bfe133f4ac2f7831764afeb81977b5f21a88903f590811c50
37f0727d5de0e739f4da82162c178eb2cd68f619d3789a55be39a8588c1b8c4f
398cf14461f64b9197113ea006cbe148de2a85c51e80b513e4052b6ac94082c2
4042379818dacdc1bc369c99e44621c8b38231e853a409483ad610b57f8370b8
417c759c3068eab336245e9799fa2d4b2bb2fcf5c6d192514ef6c8b3ad015df2
4e7b3bb73807e4baa6b3741c7f87911532375748ada924909c04b4b9a721cc4a
54d7374b4bab45ea1b09d80f59f21ddcee60d673a28330ad3e9ab6f3d15877d7
56a368f010d9e6405dbb76ae8488cf8003b9cbc7b31d8ffab69ce0fc5b4a20b9
57125871ed6dab16f1238e972973f922a44e81e68c3fbe51cae3c4da16be74cc
61c7a5d0c2a80afafe4c818c8e8747dab5c0853bb39a19aa2ffb1879e8e5e099
666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
699a264cd35936132dd011da5bfac500ac2193ecb0d88e284466f35d91216f59
6bb27979b1fa940b9b8a6f15e7065e0d41df2d1dcfdaab8e7b3c49586ebfde51
704a59d920e39e608437f592af168ce66fd8abcf6b51d87747e63bc18c094d3d
70adb76480600ae4ce919717372f9a3cdddf674df2a3f3508bd48d6c3143f15a
723c0e92a5c8d2a86474f69a2e14fd27bf433ae8ab8450054c3535d917510830
78d595aa418add6675e08da22e72cfe81f9e0dbc25aecbdda946fb085f62dd28
8310c25f96c9c0baef44b5f8953d3d34399f45dad1776a46574ac2cdd4e5c428
838cd45304d1966ade88351d7ad820a511fb6eea9438431bb290e2695d80310e
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8f8a8cdae1ecbed94a44a92ed2e1255714d431987f4475585f48013f3e7e47b3
9200967457cb55b6f4a190fdea1b1ed26dc055a10f7057d555e521192e9d39d7
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
966404805d4f7875cb31e1047f6a5fdc1bfd4a0ed99958cfc94a7612b2a1767d
9a927f1cc3c555a06066bacb7eeafba771cb24da2403c08dc32e06faafd93127
9b6b5afead5250fc0d834e3503ec367f48c48bc6717db3ee7cd057b0f8507dfd
9bb8930df43888d2e06f13a6991200cafbdb42bcdd3d0bb51702a171540eb37b
a0bd03b20ca696ff18a09ce99664fcb1619fb455d44df6064c786dbf1e9da76c
a52f09241590bbd6cabf7743eeb67aa7d8e082147f3033b18c6d6dd779393ed6
a81924a24d744e28ec0b88d407d23590648242809de3fbbba1761e94d7fa9319
ac6c0e1fcce59172a6240a3c1e63a09026113de514592fcff693274f25249f9f
ae3ca04287516afe4b63e6aca4ca96c891d4e968a648219985343220caadd27b
af8913dfc6809e356c063d03d09a032b00a97369a85447e06e85b8303bf5cb03
b07bd0c9ea94340597e32a72ab2b150cda266cc452c59bd0ea23ce21ca593b97
b29ccb9fba9212445df25e47a4eb30513765733f742f13893c58d070f9d6b2da
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
b80dd8958438bc4f32a1cd084d4e404201d6a45e4e0eb89de71d2be2df22fa00
b96d3abb77492d64a38c4d2177b290b206f5168f12c0b28a630946f550051f9c
bfe22bc72414a2bdada9060ccf9a2e81a9f56236d39f07ab0f0ece67f58b437f
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
c3eb2f397e3187e28a44dcc628ea09db2a7e6cf40ea372e5ff2a5952df7791ec
c6224c9a7fe8a2d6aca827df9dee645632a1a059752e4a257d9449e1ad5d532e
ce2a8be23b8ecd34744873d9c4c9c5c03312ff3cc6c901047303d7a8239e9fa7
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761
db38b1f8dcf8e2e199086bbaecb2415d5a9d8e57e563167c456aeadce644909e
df8e8fb35e05e8fb310e53f059cf7219f93333a994fc9b5414348cfb4102a9d0
e190623c767eb1aad36879ea4e44d365495fd81712acb8f3af34348ffd5d85a4
e1937047444f67739c45269ac8e6e5a460afe8c39b2ca463432ec7a4f9b9f13f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3c8680015c884d55466a1dd3ad27513a91268dc07062df6daf770f3e034d47
ecd9ca885c0196f7d8f8f55342728daf2e718493d92767d21ac2bce8b6f2aabe

klxumibc.gettingshenstate.com Open in urlscan Pro 2606:4700:3030::6815:3001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

88 %IPv6

7 Domains

8 Subdomains

9 IPs

2 Countries

3766 kBTransfer

4838 kBSize

4 Cookies

3 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

klxumibc.gettingshenstate.com Open in urlscan Pro
2606:4700:3030::6815:3001 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

3766 kB
Transfer

4838 kB
Size

4
Cookies

62 HTTP transactions
3 data transactions