www.jimshella.com Open in urlscan Pro
166.88.147.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jimshella.com/
Effective URL:
http://www.jimshella.com/index.php
Submission: On December 11 via api (December 11th 2022, 1:51:02 pm UTC) from US — Scanned from US

Summary HTTP 216 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 21 domains to perform 216 HTTP transactions. The main IP is 166.88.147.42, located in United States and belongs to EGIHOSTING, US. The main domain is www.jimshella.com.

This is the only time www.jimshella.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	166.88.147.42 166.88.147.42	18779 (EGIHOSTING) (EGIHOSTING)
2	209.73.159.133 209.73.159.133	18779 (EGIHOSTING) (EGIHOSTING)
6	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
8	2606:4700:303... 2606:4700:3033::ac43:99b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700:303... 2606:4700:3035::6815:5699	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	136.0.141.5 136.0.141.5	18779 (EGIHOSTING) (EGIHOSTING)
4	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
4 4	64.32.13.142 64.32.13.142	46844 (SHARKTECH) (SHARKTECH)
4	2606:4700:303... 2606:4700:3032::6815:40cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	103.170.15.104 103.170.15.104	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
6 6	185.239.226.87 185.239.226.87	134835 (SNL-HK St...) (SNL-HK Starry Network Limited)
6	163.181.66.233 163.181.66.233	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
5	2606:4700:303... 2606:4700:3030::6815:12ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.61.212.173 45.61.212.173	53587 (AZT) (AZT)
2	20.210.115.126 20.210.115.126	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	45.154.215.92 45.154.215.92	201106 (SPARTANHOST) (SPARTANHOST)
2	2606:4700:303... 2606:4700:3035::ac43:a70b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.170.15.74 103.170.15.74	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	220.128.218.220 220.128.218.220	3462 (HINET Dat...) (HINET Data Communication Business Group)
19	2606:4700:303... 2606:4700:3030::ac43:b6cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	47.75.19.251 47.75.19.251	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
216	19

4 166.88.147.42 (United States) 1 redirects

ASN18779 (EGIHOSTING, US)

jimshella.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.jimshella.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.73.159.133 (United States)

ASN18779 (EGIHOSTING, US)

209.73.159.133	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::ac43:99b4 (United States)

ASN13335 (CLOUDFLARENET, US)

klx14.zhgmjglh88k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3035::6815:5699 (United States)

ASN13335 (CLOUDFLARENET, US)

lb.learning8809.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 136.0.141.5 (United States)

ASN18779 (EGIHOSTING, US)

www.gg123456789gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.32.13.142 (Chicago, United States) 4 redirects

ASN46844 (SHARKTECH, US)

kzeii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:40cc (United States)

ASN13335 (CLOUDFLARENET, US)

kvhfff.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.170.15.104 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

585227ybn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.239.226.87 (Hong Kong) 6 redirects

ASN134835 (SNL-HK Starry Network Limited, HK)

img.1193555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1134555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.181.66.233 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.douyinpic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::6815:12ae (United States)

ASN13335 (CLOUDFLARENET, US)

sb.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.173 (United States)

ASN53587 (AZT, US)

vcawmm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.210.115.126 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u0082.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.154.215.92 (Seattle, United States) 2 redirects

ASN201106 (SPARTANHOST, GB)

kveii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:a70b (United States)

ASN13335 (CLOUDFLARENET, US)

kvkppp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.74 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

bob5379.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.128.218.220 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 220-128-218-220.hinet-ip.hinet.net

taiwtp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3030::ac43:b6cf (United States)

ASN13335 (CLOUDFLARENET, US)

tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.251 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

701.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	gg123456789gg.com www.gg123456789gg.com	1 MB
30	learning8809.com lb.learning8809.com	25 KB
24	learning8808.com sb.learning8808.com tk.learning8808.com Failed	17 MB
8	zhgmjglh88k.com klx14.zhgmjglh88k.com	60 KB
6	douyinpic.com p3.douyinpic.com — Cisco Umbrella Rank: 26936	6 MB
6	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8637	35 KB
4	1193555.com 4 redirects img.1193555.com	477 B
4	585227ybn.com 585227ybn.com — Cisco Umbrella Rank: 880460	551 KB
4	kvhfff.top kvhfff.top	5 MB
4	kzeii.com 4 redirects kzeii.com — Cisco Umbrella Rank: 487498	529 B
4	51.la js.users.51.la — Cisco Umbrella Rank: 76006 Failed ia.51.la — Cisco Umbrella Rank: 72096	6 KB
4	jimshella.com 1 redirects jimshella.com www.jimshella.com	3 KB
2	kvkppp.top kvkppp.top	58 KB
2	aliyuncs.com 701.oss-cn-hongkong.aliyuncs.com — Cisco Umbrella Rank: 582155 Failed	584 KB
2	taiwtp1.com taiwtp1.com — Cisco Umbrella Rank: 689451 Failed	148 KB
2	bob5379.com bob5379.com Failed	237 KB
2	1134555.com img.1134555.com Failed	237 B
2	kveii.com kveii.com Failed	265 B
2	u0082.com u0082.com Failed	64 KB
2	vcawmm.com vcawmm.com Failed	11 KB
0	178880.vip Failed 178880.vip Failed
216	21

	Domain	Requested by
100	www.gg123456789gg.com	klx14.zhgmjglh88k.com
30	lb.learning8809.com	klx14.zhgmjglh88k.com
22	tk.learning8808.com	lb.learning8809.com klx14.zhgmjglh88k.com
8	klx14.zhgmjglh88k.com	www.jimshella.com klx14.zhgmjglh88k.com
6	p3.douyinpic.com	klx14.zhgmjglh88k.com
6	hm.baidu.com	www.jimshella.com klx14.zhgmjglh88k.com
4	img.1193555.com	4 redirects
4	585227ybn.com	klx14.zhgmjglh88k.com lb.learning8809.com
4	kvhfff.top	klx14.zhgmjglh88k.com
4	kzeii.com	4 redirects
3	www.jimshella.com	www.jimshella.com
2	ia.51.la	klx14.zhgmjglh88k.com
2	kvkppp.top	klx14.zhgmjglh88k.com
2	701.oss-cn-hongkong.aliyuncs.com	lb.learning8809.com klx14.zhgmjglh88k.com
2	taiwtp1.com	lb.learning8809.com klx14.zhgmjglh88k.com
2	bob5379.com	lb.learning8809.com klx14.zhgmjglh88k.com
2	img.1134555.com	lb.learning8809.com
2	kveii.com	lb.learning8809.com
2	u0082.com	lb.learning8809.com klx14.zhgmjglh88k.com
2	vcawmm.com	lb.learning8809.com klx14.zhgmjglh88k.com
2	sb.learning8808.com	lb.learning8809.com
2	js.users.51.la	www.jimshella.com klx14.zhgmjglh88k.com
1	jimshella.com	1 redirects
0	178880.vip Failed	klx14.zhgmjglh88k.com
216	24

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.zhgmjglh88k.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.learning8809.com E1	`2022-10-13` - `2023-01-11`	3 months	crt.sh
www.gg123456789gg.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
585227ybn.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
*.learning8808.com E1	`2022-12-11` - `2023-03-11`	3 months	crt.sh
vcawmm.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
u0082.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
bob5379.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
taiwtp1.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.jimshella.com/index.php
Frame ID: 8204D481221BDA1FAFF1238A90B61923
Requests: 8 HTTP requests in this frame

Frame: https://klx14.zhgmjglh88k.com/
Frame ID: 175CF22F8EB81D689D58915ED7D65FB8
Requests: 108 HTTP requests in this frame

Frame: https://klx14.zhgmjglh88k.com/
Frame ID: 354350EA2B49B699C13C600633E78D93
Requests: 100 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

鹤壁撑推装饰工程有限公司鹤壁撑推装饰工程有限公司

Page URL History Show full URLs

http://jimshella.com/ HTTP 301
http://www.jimshella.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

216
Requests

86 %
HTTPS

29 %
IPv6

21
Domains

24
Subdomains

19
IPs

5
Countries

30709 kB
Transfer

31085 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jimshella.com/ HTTP 301
http://www.jimshella.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 144

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif HTTP 301
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

Request Chain 147

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

Request Chain 148

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif HTTP 301
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

Request Chain 150

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

Request Chain 152

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif HTTP 301
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

Request Chain 154

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

Request Chain 168

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif HTTP 301
https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif

Request Chain 169

https://img.1134555.com/images/639186453ec05fc4952c55e1.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18

Request Chain 178

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif HTTP 301
https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif

Request Chain 179

https://img.1134555.com/images/639186453ec05fc4952c55e1.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18

Request Chain 204

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif HTTP 301
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

Request Chain 206

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

216 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.jimshella.com/
Redirect Chain

http://jimshella.com/
http://www.jimshella.com/index.php

2 KB
693 B

240ms
87ms

Document
text/html

166.88.147.42
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.jimshella.com/index.php
Protocol: HTTP/1.1
Server: 166.88.147.42 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 04175fb5c6bd228ea43e01e9dd3b4cc9102ba738a4d99e8b5ca59b1c3c3dc644

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 11 Dec 2022 13:49:08 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Sun, 11 Dec 2022 13:49:08 GMT
Location: http://www.jimshella.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.jimshella.com/ 4 KB
2 KB 83ms
82ms Script
application/x-javascript 166.88.147.42
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.jimshella.com/common.js
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/index.php
Protocol: HTTP/1.1
Server: 166.88.147.42 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: e8557a5dfa86a99f5bb186107289009db210a147790b8769897579706cdff2d0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:49:09 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.jimshella.com/ 364 B
520 B 152ms
78ms Script
application/x-javascript 166.88.147.42
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.jimshella.com/tj.js
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/index.php
Protocol: HTTP/1.1
Server: 166.88.147.42 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e2c8ed251e3b6d33a4eb6dd045fe274c518eeec8d9466b44cb0921a91ea583b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:49:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 364
Content-Type: application/x-javascript

GET
H/1.1 200
OK lubi-common.php Show response
209.73.159.133/ 69 B
535 B 153ms
72ms XHR
text/html 209.73.159.133
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://209.73.159.133/lubi-common.php?val=lubi2&t=0.256234111114112?v=05786786891081739
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/common.js
Protocol: HTTP/1.1
Server: 209.73.159.133 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aa2da22dedb5ab042730ff210346e241e58ea83a23639430b24fa8db18622b9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK lubi-common.php Show response
209.73.159.133/ 69 B
535 B 151ms
79ms XHR
text/html 209.73.159.133
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://209.73.159.133/lubi-common.php?val=lubi2&t=0.09958527086342328?v=03636510149851786
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/common.js
Protocol: HTTP/1.1
Server: 209.73.159.133 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aa2da22dedb5ab042730ff210346e241e58ea83a23639430b24fa8db18622b9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET 21406885.js
js.users.51.la/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1578ms
323ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b612079d928e97fce7171ee79868a9fe

Requested by

Host: www.jimshella.com
URL: http://www.jimshella.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

377df2ecbae39c09c9f1b3b1c1fcc5ee24d117037c634c3e0b0f08b6ba730438

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d0da140e0a2592954e9b2de8fcd21fd5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11259

GET
H2 200 / Show response
klx14.zhgmjglh88k.com/ Frame 175C 44 KB
7 KB 346ms
279ms Document
text/html 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747091c57f26ff3d371214647adc55b8a442485e46ffed057069d8b601c7d67

Request headers

Referer: http://www.jimshella.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 777eb08a9a081a34-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 11 Dec 2022 13:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwch9sLbdL3RMDggnEoI%2Beoe2xOhxrgoMuQtJFVvRU9EXYCl5hunJk%2FJugBX0KEzBxb7rpPuKHpWyZOb1%2BvXF%2BNImYQeIMZw%2BOcbk2D7pEcfTd7DkNQPieHukqyq0EpIScxVGkBeclwS3wBhVFC6sReZdS0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
klx14.zhgmjglh88k.com/ Frame 3543 44 KB
6 KB 312ms
310ms Document
text/html 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/
Requested by: Host: www.jimshella.com
URL: http://www.jimshella.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747091c57f26ff3d371214647adc55b8a442485e46ffed057069d8b601c7d67

Request headers

Referer: http://www.jimshella.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 777eb08a9a091a34-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 11 Dec 2022 13:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGhbij7T%2Bve9RNF6qiq14%2BY1VJtAHgJf8w950mn6E5%2F10u98CNDGCfA7Iqri9EDRorjJkMvCb4Cf%2BqTKTZWqbxA4Bb%2BUrH%2Bl7UtD6hOAjG7katxAllpHGWSAXbNSyJQp31zGAoP0SrvGDy7TaF3CwGvv5rU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ate.css
klx14.zhgmjglh88k.com/template/m1938pc/css/ Frame 175C 74 KB
5 KB 329ms
152ms Stylesheet
text/css 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/ate.css
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61be9b34-126e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw4Xp6ICr3jrTVl%2FxBhEvnrbfv%2BNncNvUP9xC1FDzSgMGN3kCRf%2BrO57kzrnkaXhGbcHnhL22qkS9AtL%2FuZE8ctEMRRLlf%2BxumvpSXeLHuEL1NP6qFwUsvru7uEUNMj7Gx6OCRqlDJFhiJ0Yuguvr6HoFRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb08e0efe1a34-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 zui.css
klx14.zhgmjglh88k.com/template/m1938pc/css/ Frame 175C 84 KB
16 KB 334ms
158ms Stylesheet
text/css 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"623f1f38-14f3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn2X4AZrbrcUVK7HxVa%2BhKaNeQtN8U95xDcDoUk7MX6EPfXVLdEgy7OI2taie%2FnBvutG8SoO72RNOqfYUHgPtcRHt5Fjy3d2RyvrPBLliiKw%2Fv6Lfx19lBVhoR7UhJ2xFzPT0ubtCqBVX0EkvoZQk49klgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb08e0f001a34-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 2 KB
1 KB 301ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4e320f6ad0f360a7301d8b2b0e04fd2a3d3e76403ad389c79dd2d179764688

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:06:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13396
etag: W/"638f05ff-752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9S4lVnnz%2BOGU9tm51QFLW8wpbmMxQqkozcid2Na8eOrm%2Fd3ej0HdURmSFLamHi8rcU8sZzRA07yFE7TX18ICaASTygObcF89wMUCPI7VzllBvDfraBD2wlmfuQf8cfQTeJJxeR%2Bv%2B8bb3eKxbf%2BjH76"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae7e8cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 22:07:14 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 2 KB
672 B 298ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3442accca34618dbc2de8a274eb3a9b99e53fae4ecba7f0956e0c6f1527b837b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 08:45:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13396
etag: W/"633d4437-972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPy8FZFmDKoDyDGYCkgKaI6apvmpFsKaSerx50281%2Bgd4snMYP1N%2FtlJFUvzimyG9L7Vpeqe055X8z1FGQwrwY0O1MqKsC6v18IuDqxmoYMnbH5R5ad40c4yuhfcqF1HtAfEhesCu1gRJf43Hm6y5we6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae808cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 22:07:14 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 6 KB
986 B 311ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce09e142aa35b61e878ec3f11231663342934b06b6615f5b3a1840868cf5828e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33696
etag: W/"638a3e35-19db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH6L03RDO9s%2F%2B5ws1Rn7kDnhr09BRR%2FISuDmTdvPZly%2F475tBgphbigjae0DR6RPxI2kMXWPBblxldaxC6w7z3f%2FQyc9IiFNbpoumEb2KtThx%2BDB7dFGxEo62oWgwrklMbrXzIVPI%2Fo2Y0kh2xMXC94u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae828cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 16:28:54 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
653 B 450ms
138ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2faf511f109124170caa32b1d239f2b052d77c729288cc56a213d171c52b64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Dec 2022 09:06:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638f0604-482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKhJfdYG3M2qaDOThMi0nUuYIw9d%2Fd76srlig2PvYqjQ06YhBrWmBkOpktej%2F6CbtkkC9uvjecsfd%2FhPIaT7DRm8Azh2s0I2kbqLulR1a9xqDd3HR9MPzCEt8Hqqq9uxnYQnYJL89R30uiZn4AaAh%2F5m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae838cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 4 KB
1 KB 412ms
109ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdfb2de5f6f91daedd33297cec6933443c83c8fdaab3dd95a5a2000bdaf4ee86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Dec 2022 09:27:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6391adeb-f4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elU7p38C4iHW4J6ioSjUwMhMvJkkHcpV%2Bh6ghL5RnOxdItq4AYmSvZjTrF%2B6kGIMyLz7OA1ZD%2BxZuY5KEeURMC6V7g4aVARCV7O%2BnYrsoaMYe2CKHMggaoez7NO2i4nNWFRPKILnGyPZOFHw7r2AHOSA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae848cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
691 B 287ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc784915465b7915f274420a524f74751ed2eeb44b286b9773c8052016e2c267

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18902
etag: W/"638a3e35-405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq2y4MV7lKlbTfikhEXAeNq4Omi4WzVzYzytiTODeHcXB%2BZy1HDc6qEgA%2FDXOdA9AP1O%2BstwsrLqhJ1yKkLq1%2B3dewf8scgaW%2BgUIIXlx4H3X4nTiE1DPM9qhh4OfOH%2FszwSuu3MmiS6EZ7onpWUHFK%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08eae858cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 20:35:28 GMT

GET
H2 200 48fb1b54a9bbd67d3d8970f446d03042.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 13 KB
13 KB 590ms
73ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/48fb1b54a9bbd67d3d8970f446d03042.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

45d84033ec3422ec7b090c251f810b567f497b3fa5548c4344820e5b0a67d680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-326e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12910
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 cc3fdff9b93a492541caba37d298ef12.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 6 KB
6 KB 663ms
147ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/cc3fdff9b93a492541caba37d298ef12.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8b8658e2c506db441848435c08f2c834cf70c3edb1fde80e3d3e62d9c4932402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-17fd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6141
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 3b66e74cda301acbc50861fd50ff6573.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 13 KB
13 KB 678ms
161ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/3b66e74cda301acbc50861fd50ff6573.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9fc4f222f397cf8b9b5fd24d7be3de9ea64e1952bfc53bd46c30d81f1889c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-3243"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12867
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 f6bc14997c4db0b43a542017ccfd8ba1.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 14 KB
14 KB 731ms
215ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/f6bc14997c4db0b43a542017ccfd8ba1.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

852eb38ab2bc82f7ec323e9f4e2880636ecff95ba25f901d6a42360b570a82c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-3872"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14450
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 be34c01e1114dda0586a64b003fac199.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 10 KB
10 KB 733ms
217ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/be34c01e1114dda0586a64b003fac199.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

26096de7e679e8be59dabd4290f5b0587afd5457984f41818b54a64fa1c25969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-2683"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9859
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bbe06d1deb4c4b0ca8ee97c92a672ce3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 10 KB
11 KB 736ms
221ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/bbe06d1deb4c4b0ca8ee97c92a672ce3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

42e8d36fb30655599571c960e1315ace728f21a3da7bd50183063d2659471859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-2931"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10545
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 607db663aab2a1309487b46e24af6ef7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 14 KB
14 KB 196ms
186ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/607db663aab2a1309487b46e24af6ef7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d0e0c99b75ac4215fc4a11276ce779711b880f4776ea9fce53f3427abe422f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-361e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13854
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 fe11e9b16220c15987dfd4a8af7d49bc.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 13 KB
13 KB 197ms
188ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/fe11e9b16220c15987dfd4a8af7d49bc.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3547fd92b42ab4ed227bc18d691a65f4c6fe6f7cd4bf33c5d771698ca08df471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-34f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13556
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 e91d0a7c033f5e7b7161afb28dd33d4b.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 14 KB
14 KB 202ms
193ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/e91d0a7c033f5e7b7161afb28dd33d4b.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c40e7c053c50bdd57d7dcede7e5049f67195f5c4e569073e718a327c54dda333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-3801"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14337
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 afcc39752e83bfadcd9e90ca16c4e12b.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 13 KB
13 KB 204ms
195ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/afcc39752e83bfadcd9e90ca16c4e12b.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

58b6b48cce0b67dc9d56e9caf98b63d7ce07158fe9f25c9d1a8bbc237ccb6af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:03 GMT
server: nginx
etag: "6395950b-3259"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12889
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
834 B 159ms
137ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79bf2ea3fe68d6c2fb3725346611944a113f0f183b67e1db67f45639df6d63f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mj19dfYIH8xKVrYYMOocx4L74bXoH4mt0C59DoUBBw8Qxz9GGLRAYJ75jGk9u6RDpvj77pWMKfKEKenss9AUHOP0uapy%2F2MZZc4MzLUhkp4eqMIMg46x00TkeZ9Rk0PbpD9g6MtpDZidvNuk8hEXUhN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d708c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 31c35dc8679c9c07252bd842248d2851.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 18 KB
18 KB 205ms
197ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/31c35dc8679c9c07252bd842248d2851.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

dd35300aa551a9b7ac4c3a748dc75b6c26c725a16aed34414adfeee9d8703348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-466f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18031
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 6d07e75aed729df12df08a874a4f197f.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 18 KB
18 KB 206ms
198ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/6d07e75aed729df12df08a874a4f197f.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c4f43b7341f0bcca2a7e009e93c970140b9e3bd8585856e8a82627a0ec8cd423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-46d5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18133
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bc8d2e337f7db0b176fcb01dd0b7b115.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 8 KB
8 KB 207ms
199ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/bc8d2e337f7db0b176fcb01dd0b7b115.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3732b63e0c4536a7319342e8b4f88c06e8eab5d08dbb995d0b9a1f65dbfd487b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-1f7e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8062
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 23ebc0402356b98f279b351b2d9d343d.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 7 KB
7 KB 208ms
199ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/23ebc0402356b98f279b351b2d9d343d.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

cf449169a76ce2d0701a05c05e2b4eeedd2260191a0e4afda511978bd9fdac99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-1bdb"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7131
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 f2c051815100ec60d5179b71b13297e4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
9 KB 209ms
200ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/f2c051815100ec60d5179b71b13297e4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

41dcfcb7e81e8f7217408cc728f389f5e6356d47c4455cff68e774597c008cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-2225"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8741
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 460ba84da0330f1b5300bd9dac1fe38a.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
9 KB 209ms
201ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/460ba84da0330f1b5300bd9dac1fe38a.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3648fcc8b72fd9e290c9eb7337bff687ead4e2e1ca682e4dfc54d06d7211233b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-22f6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8950
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 27e60f4240e3bbf92a568cf1b39f87da.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
9 KB 210ms
201ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/27e60f4240e3bbf92a568cf1b39f87da.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2fde54ef46ec943a5192856e8172ee97e622e174664fc35e73c303a92b35fe7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-22d5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8917
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 70e596aec7dba0fde0498c1896a58cb5.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
9 KB 210ms
202ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/70e596aec7dba0fde0498c1896a58cb5.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

14ebb4f3440e36c34181e159003eb7856c751989b354429b6bee7f2e4e4f7689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-24c4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9412
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 489fee5ed8b04dd3f9f48de8e682eea2.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
10 KB 211ms
202ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/489fee5ed8b04dd3f9f48de8e682eea2.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63b0dd5e9390517f2d764dfe1f40ad60da877770263870c844f6b80cbbbc8186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-254d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9549
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 b986f379d36b380733e2d38e5288d6c4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 12 KB
12 KB 211ms
203ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/b986f379d36b380733e2d38e5288d6c4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

61ce547f1cde11ac967bdf53baa7dfd0cad762b399f2d8a39ca72496aa4b4d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-2e14"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11796
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 973 B
822 B 131ms
110ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1308118139c5a6ee361785472b2be0a1136d79f71ccab16b7f463f65cf2aa769

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 03:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"6376fbe6-3cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUijP7c%2B2DwznzW3iqlPvVAitzqZQ%2B29820Mpf7UgZHx91HU0aHdEuU1qK9NqZD8MEDWFVA%2FsNJTbTzMxC6L3wPtU44U7sic%2FFoflh3OqxxJ5uZnWag6DO5JlzUF1mLG7a4lyqmmINVI2mBaodUsePwb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d728c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 a8c113d2f30363a03dce2e47f3da0ba7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 212ms
204ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/a8c113d2f30363a03dce2e47f3da0ba7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4b8dce9166eb1173bcdc21832036e5aeb48d3ef007ea24f182adc2511c4855c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
server: nginx
etag: "639540af-2abb"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10939
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 4b403250bc19a4a27ab52606033fcf3e.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 12 KB
13 KB 213ms
204ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/4b403250bc19a4a27ab52606033fcf3e.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99b519340a4ecf9d55fd3059ebec1066bfddec57e72f7d121a24e4ab7bd468c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
server: nginx
etag: "639540af-31b8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12728
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 946ddcec1fb989d47c7649df11754884.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 213ms
205ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/946ddcec1fb989d47c7649df11754884.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e1f6e83aa7f6f4cfbf4eeda0310f5e633136dafbaac5bea17b9dcbc70a9c272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c52"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11346
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 7b7e926c09be3a1898695951dc04b2b4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 214ms
205ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/7b7e926c09be3a1898695951dc04b2b4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e7a84758ba9f9d265ed5f408fa2d978ecbc754ac09613e96addf13da3b91e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c14"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11284
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 225cb549e815a31488e88d821dc3de6f.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 214ms
206ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/225cb549e815a31488e88d821dc3de6f.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5604d1f1cb49908df6895860cd972e3125c00fd42a023e7ddbda050726f6c592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c68"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11368
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 097c9756d666b0abd9dbaf75f63799ab.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
12 KB 215ms
206ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/097c9756d666b0abd9dbaf75f63799ab.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c75432ef6553397d43707b9a1de5acc84ad70871ae1af2bc6309f7aa8d315dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2df7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11767
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 9bbbc1e8fdc7c3390808ba6f668b62f6.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
12 KB 395ms
387ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/9bbbc1e8fdc7c3390808ba6f668b62f6.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b260b43c9735e20c48498649e4a0c3c353d55d39b3c1648d990c14774afb4586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-2d71"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11633
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 fddc9aa6930678bd8ad6de6e6fc4cdc3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 395ms
387ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/fddc9aa6930678bd8ad6de6e6fc4cdc3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99b5c580c671e71cd95df9b9eccb22782706b2ce5ac255fc1566cdc18798faa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-2a6d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10861
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 20b62693a5904daed3b0dea2ebcd95f7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 14 KB
15 KB 396ms
387ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/20b62693a5904daed3b0dea2ebcd95f7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b1b4e88052704527f126e5c5a2624bbeaec69a3761c83aa420365c64ab48c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-39ba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14778
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 844ff719e098a72dceb46fe5b8327879.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 10 KB
10 KB 396ms
388ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/844ff719e098a72dceb46fe5b8327879.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e26bde04b5854abcfdc4d274cea7025074837cdb82bcc87dd0e77c0c8a5e67c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-28f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10484
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
833 B 155ms
134ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c904ef5811220bcf42cfea7e394ab5b2e7c78b978774efccc7deb2ba5febc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 07:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"6379d10c-421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCMZq2tzWvqLtllAg7DAgKhjczBHVcsUIfToEQl7e8xayBDCcWbmyoaUFTRqmJpBbexLW44pdvNpHbt8nZJm6VyHhrLEPTD1IOEJki3LLHTmh1CilwtWOZFyJaLcwlvtSOkHmic0BZ0fbPnZO4%2BKM6FV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d6d8c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 89d08a400a06f6e2e41ed9dc0cfd52d3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 8 KB
9 KB 397ms
388ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/89d08a400a06f6e2e41ed9dc0cfd52d3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

15e1e408f6fa3fc51fca18bfaf49430e9d400eaa0597d6ac749c206521280e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-21d3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8659
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 0c951046873fbf6c2a6c88ff8335d8d7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 11 KB
11 KB 397ms
389ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/0c951046873fbf6c2a6c88ff8335d8d7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

745f629ed4edc73378f4c7eb2d8cc205b32206d545e7e3568c873f7de9dba9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-2a33"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10803
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 4501b7c35e70d749b2cbb3e17e0a9367.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 9 KB
9 KB 397ms
389ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/4501b7c35e70d749b2cbb3e17e0a9367.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

11487e254e251d6e076f182cdfd459547425db242256a61e855c509330cab352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-2225"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8741
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 73020ef6c40f41563a164c3af8e743a9.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 15 KB
15 KB 398ms
389ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/73020ef6c40f41563a164c3af8e743a9.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a80288b7878b7dc270ca0126330939ee7429ff75ec9d6cf82f5e6e52d2ea9694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-3a28"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14888
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 c3078c9c0cd763d34d7dc02252d4efb4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 19 KB
19 KB 398ms
390ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/c3078c9c0cd763d34d7dc02252d4efb4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d50dd127af29572aa9720129f686699380d9c9f5fbec76825e9883efc83489f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-4a38"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19000
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 9b50852965c4692e88e83319b0774813.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 17 KB
17 KB 399ms
390ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/9b50852965c4692e88e83319b0774813.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3a96a779e3988f36dd9027cbd20f7ee482cd8452f4d4314d7df5a3dde3a9229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-42e6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17126
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 1d06641be22559d1582b2af480098487.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 175C 13 KB
13 KB 399ms
391ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/1d06641be22559d1582b2af480098487.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0da0caa449d5f09b77a48f8eacc692fd62e0c5311c84975e592ee84cc7d102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-33bc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13244
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 6e55b5aa846b3145bd03648878fabf40.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 175C 10 KB
11 KB 399ms
391ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/6e55b5aa846b3145bd03648878fabf40.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

943c39ed555b9aaf89c96d595b852458ae13cda8fa6a2b345f83202918f69205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-2949"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10569
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 226f8023907f00d65a09915892492fb4.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 175C 10 KB
10 KB 400ms
392ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/226f8023907f00d65a09915892492fb4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1b80fa0672efee3f0b38d6dc3059463a44da056f4ea8c771155de75d12476fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-26f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9972
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 cc6be26cc7ffd2ad7007fb79387ee493.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 175C 9 KB
10 KB 401ms
393ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/cc6be26cc7ffd2ad7007fb79387ee493.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f13a6a82767d52a14dc1249f7bc42458b90de17faad1250bb84de08854d821ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-253c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9532
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 974 B
827 B 75ms
56ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b70dd58b4295aeda1d68082ad1e0badb5c8d187f591fe139f80a7682540d9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 16:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27472
etag: W/"638b7691-3ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMnIDA%2FazveVqp3US0YzPNrFsnTVUrS8v1uJ%2Fpzw3mGnfShX6Ig9gUq%2FeW7zRsdEkIT1zEGRQ3QUKT%2Bk4wivktdeuYMVnwsyvGIZ5pklSEk60bTD0umKnzoNIfEbnf98xXNDIF5INeK6Jf7e83r9heVD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d598c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 18:12:38 GMT

GET
H2 200 e56ad8f73213ecf90a37e976ee04fdb6.jpg
www.gg123456789gg.com//upload/vod/20221202-1/ Frame 175C 12 KB
12 KB 401ms
393ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 01:30:02 GMT
server: nginx
etag: "6389551a-2f1f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12063
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 175C 12 KB
13 KB 402ms
394ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 175C 14 KB
14 KB 402ms
394ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 175C 15 KB
15 KB 422ms
414ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 175C 32 KB
32 KB 423ms
415ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 175C 33 KB
33 KB 423ms
415ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 175C 23 KB
23 KB 424ms
416ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 175C 12 KB
12 KB 424ms
416ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 175C 18 KB
18 KB 424ms
417ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 175C 75 KB
75 KB 425ms
417ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 428 B
758 B 127ms
109ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474d7a6baca6a2ad09282edaa3c8dbbb74cda5d46062abdfc4c4c6d35d7c34ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-1ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N6OzRDP8OzyjesiJeuvorJ8JV0UB15misua%2FukNituiCCQEa4wSVCtR%2BLB6kOCdLZ%2FBrI9Nqb2utcMgxTYD%2FXrYDwxugJEs05djvqAZ18hBocFy8%2B0MhJvgpc5FbRZEXCb%2FzjC46%2BgnrYTMtxrM9vIn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d568c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 445 B
801 B 73ms
55ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee2126898d8046588a39436dcef69d981f7b29686326fd0edd0603604fd693e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-1bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NttkS07CpI7LI68%2FlLDHhSQtpfHxj71cp2pCeY4D5hSviQymeUUtqABeiej6UPRiJe%2Fud5dWIzHSqQxCCK6odaadKwmfnBOTg8ptMC29Nh84a8FfDa3M0B10Iq8ciJnXPhJpuE3HNUf62kfzuM0aLMnC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d558c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 951 B
825 B 85ms
66ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"62a9711e-3b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4OIXBx3PMOEJcnKTf3FwnBUJGAXNpuwvBezjrJ0Nz9yhWZ739IkjsVnDjQ3VT77mrw88eL0CAM82Sg57rxoUqyVWJfJ9e1lCTvR6vIYxZsjODX8A0saRgRPRuvxMhihMSo2N37L8i31vV%2BCTGItgR6I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d5e8c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
845 B 94ms
76ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2faf511f109124170caa32b1d239f2b052d77c729288cc56a213d171c52b64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:06:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27472
etag: W/"638f0607-482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqFl255bTYUqDPEzKdg1NCpjrzKX%2B5rZdXcCAAIyafvyTnJCpPIZhU2A3ni2sBHHRxEmLM2rFMF%2FXF0GcuNCIySY2fLiKCyPF39DuW4qUQTKxZs2GHLpgcmk0LQTwywjhu4cb3T8JVPmOHGUDrk3Colf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d588c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 18:12:38 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 175C 1 KB
1010 B 159ms
140ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"623976e8-445"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l813xaUhmbJftX%2BW2p1rgfqEuSyM99EHWBsQbljwC6Y105cVDZ9QYxAQ2Fiuk9sestbQnfmqGO48x%2BvMfDVNI3%2BSiKqywi%2BDDBIt1LbSwh9UBYpgO%2BiisGQPAdr3wRbtWtYD65%2FKMTuhbEJ2oxg86NET"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d5b8c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame 175C 5 KB
3 KB 1007ms
305ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:30 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 ate.css
klx14.zhgmjglh88k.com/template/m1938pc/css/ Frame 3543 74 KB
5 KB 300ms
144ms Stylesheet
text/css 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/ate.css
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61be9b34-126e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j60W37rYgiq3Kd09r3nUclzqsMvduOrpN7aTlyLp60Ol9qAYl%2B775kVy1m%2FRyj0L3PhGfImXdM9j1O86571JtKYNBaloKLm8%2BzQlqtdXFGo7kX48IirSU0paqQiTdDYJNA4%2BuOxA0DP796pJ%2FzeVEa9dwmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb08e0f011a34-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 zui.css
klx14.zhgmjglh88k.com/template/m1938pc/css/ Frame 3543 84 KB
16 KB 316ms
161ms Stylesheet
text/css 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"623f1f38-14f3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsC2UcObMYX7qMvDss%2F7%2BHwHUOvawcY6cuZ4in0qSfRLHya3WpRCo8YixlNkzpUZo02pKwKl7TAIqkRMnvnzTmzyImJGn5yT%2BMu3ra5bjo5TyeGttw4vRJjlg96AUCHB6zU25bZpoUDxM8VejxeU6I8Drbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb08e0f021a34-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 2 KB
949 B 349ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4e320f6ad0f360a7301d8b2b0e04fd2a3d3e76403ad389c79dd2d179764688

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:06:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13396
etag: W/"638f05ff-752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcN6lvzv04uYYOc38%2BVflg6%2Bk7MQwcK1fXIs00I8vhmv2hhoI26xJPbT9EAtq%2BOeDQ0qTLRo4uN5lvmLK%2BZ%2BbJYcgGupWrk2ndXRnXwO4OfRVyqg%2B9w%2FoPm%2BVhMG1PIDeFLuFfIF722%2B5YK86tUCRjr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f108cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 22:07:14 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 2 KB
643 B 342ms
2ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3442accca34618dbc2de8a274eb3a9b99e53fae4ecba7f0956e0c6f1527b837b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 08:45:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13396
etag: W/"633d4437-972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bkgm7WwglNF%2Bz1%2BXtRqR12Lhw24OBEMZqe61%2FuYb2VQNHZP4sFfN4edLzR8AK0lTNZdFysQ4bqOtRvOJB804MS7aFV8oyWlqblOiYlTr90iQ8Aneb6JjaQ7EDD%2FSYmUEyCAQUWtuFcKVmDdyEarNy%2FF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f118cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 22:07:14 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 6 KB
940 B 336ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce09e142aa35b61e878ec3f11231663342934b06b6615f5b3a1840868cf5828e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33696
etag: W/"638a3e35-19db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT4TZINe%2BZIfjYOaR0KFGXxtQlOh8EJUjK4fk0RqUDG2GjuXyRQhIOLb1atwttnEPLB%2FgcmYzw6W8RPg%2Fit7omjtt6NowEd6dl58tpyXxDVG%2B0X3yIAh%2BC09UNnrvcCdReFd1EuiHC8lgl97Ms0PEhqF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f128cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 16:28:54 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
623 B 440ms
94ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2faf511f109124170caa32b1d239f2b052d77c729288cc56a213d171c52b64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Dec 2022 09:06:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"638f0604-482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp%2BP%2Bbr1QWLoXq%2Fiv4Snr9XPhgGOFmxwnN5P%2BN12SVSKvr2z31GXwQ6lRFJwchG%2FI3SVPyhmKRDu01Vo%2BjC66X6ardSEL3%2BhLPQV0gj8RDi9cqd8fdSMseiebUsT5PXZXwUEJ8AinYYdGzRi9dmMqv39"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f138cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 4 KB
1 KB 458ms
113ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdfb2de5f6f91daedd33297cec6933443c83c8fdaab3dd95a5a2000bdaf4ee86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Dec 2022 09:27:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6391adeb-f4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE%2BwAqu1j6FT3e9YaZ4ZTcBvC%2BZ%2BxCvbQI6Bw6OO9Fhum%2BBevGb9TIKTveeXDu79SYtqbq%2Bp6H39NCwjljVW7wiP1gn63Ice5fnqknkfHRt6JluaEZIyQdEXWq5bNu4QLnIKqamJM7cYxnTxplqFABHD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f148cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 01:50:30 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
624 B 335ms
0ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc784915465b7915f274420a524f74751ed2eeb44b286b9773c8052016e2c267

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18902
etag: W/"638a3e35-405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz3wNthLlSKTx0w5Ct456UHoPCAcV50ghP8tuJc2OapCglvhJkod2LGDV1R%2Fjh3pFAGISIuCjcqgdAtwW4NUUVj%2BGyvR%2BXaE2djcmNJivxboo%2F4IGZTAmD3Pd2wflkiFXnnTA4lW8olxR%2Bp%2BvOQIYlTv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f0f158cae-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 20:35:28 GMT

GET
H2 200 48fb1b54a9bbd67d3d8970f446d03042.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 13 KB
13 KB 727ms
222ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/48fb1b54a9bbd67d3d8970f446d03042.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

45d84033ec3422ec7b090c251f810b567f497b3fa5548c4344820e5b0a67d680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-326e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12910
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 cc3fdff9b93a492541caba37d298ef12.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 6 KB
6 KB 728ms
224ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/cc3fdff9b93a492541caba37d298ef12.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8b8658e2c506db441848435c08f2c834cf70c3edb1fde80e3d3e62d9c4932402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-17fd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6141
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 3b66e74cda301acbc50861fd50ff6573.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 13 KB
13 KB 730ms
225ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/3b66e74cda301acbc50861fd50ff6573.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9fc4f222f397cf8b9b5fd24d7be3de9ea64e1952bfc53bd46c30d81f1889c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-3243"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12867
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 f6bc14997c4db0b43a542017ccfd8ba1.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 14 KB
14 KB 734ms
230ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/f6bc14997c4db0b43a542017ccfd8ba1.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

852eb38ab2bc82f7ec323e9f4e2880636ecff95ba25f901d6a42360b570a82c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:05 GMT
server: nginx
etag: "6395950d-3872"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14450
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 be34c01e1114dda0586a64b003fac199.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 10 KB
10 KB 740ms
236ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/be34c01e1114dda0586a64b003fac199.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

26096de7e679e8be59dabd4290f5b0587afd5457984f41818b54a64fa1c25969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-2683"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9859
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bbe06d1deb4c4b0ca8ee97c92a672ce3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 10 KB
11 KB 740ms
237ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/bbe06d1deb4c4b0ca8ee97c92a672ce3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

42e8d36fb30655599571c960e1315ace728f21a3da7bd50183063d2659471859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-2931"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10545
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 607db663aab2a1309487b46e24af6ef7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 14 KB
14 KB 509ms
396ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/607db663aab2a1309487b46e24af6ef7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d0e0c99b75ac4215fc4a11276ce779711b880f4776ea9fce53f3427abe422f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-361e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13854
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 fe11e9b16220c15987dfd4a8af7d49bc.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 13 KB
13 KB 521ms
408ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/fe11e9b16220c15987dfd4a8af7d49bc.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3547fd92b42ab4ed227bc18d691a65f4c6fe6f7cd4bf33c5d771698ca08df471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-34f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13556
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 e91d0a7c033f5e7b7161afb28dd33d4b.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 14 KB
14 KB 522ms
409ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/e91d0a7c033f5e7b7161afb28dd33d4b.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c40e7c053c50bdd57d7dcede7e5049f67195f5c4e569073e718a327c54dda333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:04 GMT
server: nginx
etag: "6395950c-3801"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14337
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 afcc39752e83bfadcd9e90ca16c4e12b.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 13 KB
13 KB 525ms
412ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/afcc39752e83bfadcd9e90ca16c4e12b.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

58b6b48cce0b67dc9d56e9caf98b63d7ce07158fe9f25c9d1a8bbc237ccb6af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:03 GMT
server: nginx
etag: "6395950b-3259"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12889
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
844 B 144ms
127ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79bf2ea3fe68d6c2fb3725346611944a113f0f183b67e1db67f45639df6d63f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56zbsK6RqZCtk33BEXVxLuQTnsGgCQ8w1is4tD11FRD8LrWw1RksfBy%2Bv48%2BImX3HSXvAgD0tkHCsDChgOmtm3JsmMmwcmbgG%2B%2FJy%2Bh6MqWiKwJD1OHNCrRKGKY5VCADNK%2FLOV%2B2owEmLSnwXrIkvtCZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d578c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 31c35dc8679c9c07252bd842248d2851.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 18 KB
18 KB 530ms
417ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/31c35dc8679c9c07252bd842248d2851.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

dd35300aa551a9b7ac4c3a748dc75b6c26c725a16aed34414adfeee9d8703348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-466f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18031
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 6d07e75aed729df12df08a874a4f197f.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 18 KB
18 KB 540ms
427ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/6d07e75aed729df12df08a874a4f197f.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c4f43b7341f0bcca2a7e009e93c970140b9e3bd8585856e8a82627a0ec8cd423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-46d5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18133
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bc8d2e337f7db0b176fcb01dd0b7b115.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 8 KB
8 KB 592ms
479ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/bc8d2e337f7db0b176fcb01dd0b7b115.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3732b63e0c4536a7319342e8b4f88c06e8eab5d08dbb995d0b9a1f65dbfd487b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-1f7e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8062
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 23ebc0402356b98f279b351b2d9d343d.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 7 KB
7 KB 604ms
492ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/23ebc0402356b98f279b351b2d9d343d.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

cf449169a76ce2d0701a05c05e2b4eeedd2260191a0e4afda511978bd9fdac99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-1bdb"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7131
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 f2c051815100ec60d5179b71b13297e4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
9 KB 606ms
493ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/f2c051815100ec60d5179b71b13297e4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

41dcfcb7e81e8f7217408cc728f389f5e6356d47c4455cff68e774597c008cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-2225"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8741
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 460ba84da0330f1b5300bd9dac1fe38a.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
9 KB 606ms
494ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/460ba84da0330f1b5300bd9dac1fe38a.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3648fcc8b72fd9e290c9eb7337bff687ead4e2e1ca682e4dfc54d06d7211233b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:09 GMT
server: nginx
etag: "63959511-22f6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8950
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 27e60f4240e3bbf92a568cf1b39f87da.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
9 KB 607ms
495ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/27e60f4240e3bbf92a568cf1b39f87da.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2fde54ef46ec943a5192856e8172ee97e622e174664fc35e73c303a92b35fe7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-22d5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8917
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 70e596aec7dba0fde0498c1896a58cb5.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
9 KB 608ms
495ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/70e596aec7dba0fde0498c1896a58cb5.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

14ebb4f3440e36c34181e159003eb7856c751989b354429b6bee7f2e4e4f7689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-24c4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9412
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 489fee5ed8b04dd3f9f48de8e682eea2.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
10 KB 609ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/489fee5ed8b04dd3f9f48de8e682eea2.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63b0dd5e9390517f2d764dfe1f40ad60da877770263870c844f6b80cbbbc8186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-254d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9549
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 b986f379d36b380733e2d38e5288d6c4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 12 KB
12 KB 609ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/b986f379d36b380733e2d38e5288d6c4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

61ce547f1cde11ac967bdf53baa7dfd0cad762b399f2d8a39ca72496aa4b4d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:08 GMT
server: nginx
etag: "63959510-2e14"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11796
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 973 B
821 B 162ms
144ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1308118139c5a6ee361785472b2be0a1136d79f71ccab16b7f463f65cf2aa769

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 03:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"6376fbe6-3cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxZJ3VREC2fORBvC2GmqexaMKE%2B50cVHe8TYVo5cwige1khqx%2F5kPmYO17iVRXHmWTWNbBDpD83U9rKs7Oomkf7p4lvUQ3Dca9%2BrNmlqSxmxsGSrED3IZrphFXaz5iGKXRxpipSUEDn7BU1WQ4EEsHev"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d628c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 a8c113d2f30363a03dce2e47f3da0ba7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 610ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/a8c113d2f30363a03dce2e47f3da0ba7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4b8dce9166eb1173bcdc21832036e5aeb48d3ef007ea24f182adc2511c4855c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
server: nginx
etag: "639540af-2abb"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10939
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 4b403250bc19a4a27ab52606033fcf3e.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 12 KB
13 KB 611ms
499ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/4b403250bc19a4a27ab52606033fcf3e.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99b519340a4ecf9d55fd3059ebec1066bfddec57e72f7d121a24e4ab7bd468c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
server: nginx
etag: "639540af-31b8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12728
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 946ddcec1fb989d47c7649df11754884.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 612ms
499ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/946ddcec1fb989d47c7649df11754884.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e1f6e83aa7f6f4cfbf4eeda0310f5e633136dafbaac5bea17b9dcbc70a9c272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c52"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11346
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 7b7e926c09be3a1898695951dc04b2b4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 612ms
500ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/7b7e926c09be3a1898695951dc04b2b4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e7a84758ba9f9d265ed5f408fa2d978ecbc754ac09613e96addf13da3b91e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c14"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11284
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 225cb549e815a31488e88d821dc3de6f.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 613ms
501ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/225cb549e815a31488e88d821dc3de6f.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5604d1f1cb49908df6895860cd972e3125c00fd42a023e7ddbda050726f6c592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2c68"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11368
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 097c9756d666b0abd9dbaf75f63799ab.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
12 KB 614ms
501ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/097c9756d666b0abd9dbaf75f63799ab.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c75432ef6553397d43707b9a1de5acc84ad70871ae1af2bc6309f7aa8d315dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
server: nginx
etag: "639540ae-2df7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11767
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 9bbbc1e8fdc7c3390808ba6f668b62f6.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
12 KB 614ms
502ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/9bbbc1e8fdc7c3390808ba6f668b62f6.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b260b43c9735e20c48498649e4a0c3c353d55d39b3c1648d990c14774afb4586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-2d71"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11633
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 fddc9aa6930678bd8ad6de6e6fc4cdc3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 615ms
503ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/fddc9aa6930678bd8ad6de6e6fc4cdc3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99b5c580c671e71cd95df9b9eccb22782706b2ce5ac255fc1566cdc18798faa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-2a6d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10861
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 20b62693a5904daed3b0dea2ebcd95f7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 14 KB
15 KB 616ms
504ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/20b62693a5904daed3b0dea2ebcd95f7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b1b4e88052704527f126e5c5a2624bbeaec69a3761c83aa420365c64ab48c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-39ba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14778
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 844ff719e098a72dceb46fe5b8327879.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 10 KB
10 KB 617ms
504ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/844ff719e098a72dceb46fe5b8327879.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e26bde04b5854abcfdc4d274cea7025074837cdb82bcc87dd0e77c0c8a5e67c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
server: nginx
etag: "639540ad-28f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10484
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
843 B 127ms
109ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c904ef5811220bcf42cfea7e394ab5b2e7c78b978774efccc7deb2ba5febc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 07:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"6379d10c-421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMv%2FS36YgPByWUJXoZl0rg7nLZt6004FeyEUHLC1Dbpg%2Fc6CmReXKDB48%2BXVXg8LiTdcTT%2BrhkK%2Fyvyhj2gPJWLaOEXPuVbZaTvSmWI3e3Xm%2FMNrY11b2zvWo478oGhON7MHFy1Om%2BhUNirHKMYZuP4D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d608c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H2 200 89d08a400a06f6e2e41ed9dc0cfd52d3.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 8 KB
9 KB 617ms
505ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/89d08a400a06f6e2e41ed9dc0cfd52d3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

15e1e408f6fa3fc51fca18bfaf49430e9d400eaa0597d6ac749c206521280e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-21d3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8659
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 0c951046873fbf6c2a6c88ff8335d8d7.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 11 KB
11 KB 618ms
506ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/0c951046873fbf6c2a6c88ff8335d8d7.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

745f629ed4edc73378f4c7eb2d8cc205b32206d545e7e3568c873f7de9dba9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-2a33"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10803
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 4501b7c35e70d749b2cbb3e17e0a9367.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 9 KB
9 KB 629ms
517ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/4501b7c35e70d749b2cbb3e17e0a9367.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

11487e254e251d6e076f182cdfd459547425db242256a61e855c509330cab352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-2225"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8741
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 73020ef6c40f41563a164c3af8e743a9.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 15 KB
15 KB 631ms
518ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/73020ef6c40f41563a164c3af8e743a9.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a80288b7878b7dc270ca0126330939ee7429ff75ec9d6cf82f5e6e52d2ea9694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:11 GMT
server: nginx
etag: "63959513-3a28"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14888
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 c3078c9c0cd763d34d7dc02252d4efb4.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 19 KB
19 KB 631ms
519ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/c3078c9c0cd763d34d7dc02252d4efb4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d50dd127af29572aa9720129f686699380d9c9f5fbec76825e9883efc83489f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-4a38"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19000
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 9b50852965c4692e88e83319b0774813.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 17 KB
17 KB 632ms
520ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/9b50852965c4692e88e83319b0774813.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3a96a779e3988f36dd9027cbd20f7ee482cd8452f4d4314d7df5a3dde3a9229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-42e6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17126
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 1d06641be22559d1582b2af480098487.jpg
www.gg123456789gg.com//upload/vod/20221211-1/ Frame 3543 13 KB
13 KB 633ms
521ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221211-1/1d06641be22559d1582b2af480098487.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0da0caa449d5f09b77a48f8eacc692fd62e0c5311c84975e592ee84cc7d102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 11 Dec 2022 08:30:10 GMT
server: nginx
etag: "63959512-33bc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13244
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 6e55b5aa846b3145bd03648878fabf40.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 3543 10 KB
11 KB 634ms
522ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/6e55b5aa846b3145bd03648878fabf40.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

943c39ed555b9aaf89c96d595b852458ae13cda8fa6a2b345f83202918f69205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-2949"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10569
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 226f8023907f00d65a09915892492fb4.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 3543 10 KB
10 KB 634ms
522ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/226f8023907f00d65a09915892492fb4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1b80fa0672efee3f0b38d6dc3059463a44da056f4ea8c771155de75d12476fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-26f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9972
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 cc6be26cc7ffd2ad7007fb79387ee493.jpg
www.gg123456789gg.com//upload/vod/20221210-1/ Frame 3543 9 KB
10 KB 635ms
523ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221210-1/cc6be26cc7ffd2ad7007fb79387ee493.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f13a6a82767d52a14dc1249f7bc42458b90de17faad1250bb84de08854d821ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Dec 2022 07:30:14 GMT
server: nginx
etag: "63943586-253c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9532
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 974 B
831 B 95ms
77ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b70dd58b4295aeda1d68082ad1e0badb5c8d187f591fe139f80a7682540d9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Dec 2022 16:17:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27472
etag: W/"638b7691-3ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BBj%2B2yMhEWsIjldA%2BylBE7%2BjS5DQYEklqhwv1iCm1mrKD1PPNELV6zywUMhjr3HyYpsoQIkS%2BoO4eWdruXza64U3xK5HRoIjgu0o8r%2F7HfcMof9e0L1TpXcS6%2FclzvK9EDcLDgQWZIXH6L4OsNUvvXx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d618c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 18:12:38 GMT

GET
H2 200 e56ad8f73213ecf90a37e976ee04fdb6.jpg
www.gg123456789gg.com//upload/vod/20221202-1/ Frame 3543 12 KB
12 KB 636ms
524ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20221202-1/e56ad8f73213ecf90a37e976ee04fdb6.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Dec 2022 01:30:02 GMT
server: nginx
etag: "6389551a-2f1f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12063
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3543 12 KB
13 KB 637ms
525ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3543 14 KB
14 KB 637ms
525ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3543 15 KB
15 KB 638ms
526ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3543 32 KB
32 KB 638ms
526ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3543 33 KB
33 KB 639ms
527ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3543 23 KB
23 KB 837ms
725ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3543 12 KB
12 KB 841ms
729ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3543 18 KB
18 KB 843ms
732ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3543 75 KB
75 KB 846ms
734ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Tue, 10 Jan 2023 13:50:30 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 428 B
754 B 79ms
60ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474d7a6baca6a2ad09282edaa3c8dbbb74cda5d46062abdfc4c4c6d35d7c34ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-1ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxU3CT0%2Fep6gwbFEPzzpTKxpx22fN43oh5fSvf3iEyG1FUVKL3tO7QYsz6ZFI3AvhZKwJHGQbp8YMylNlVOu0ssmxlHnYN9d3l4yNb5%2F%2FCh2MFmCU1CUxz4m5ZV87OY9IARkOVChZ48gXs1o5fIcDBHY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d668c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 445 B
781 B 91ms
72ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee2126898d8046588a39436dcef69d981f7b29686326fd0edd0603604fd693e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 18:04:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"638a3e35-1bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoUoTva%2FTHEYMQxd8zEp%2FEDJ%2Bm9%2BcpwOkGtg494z1ScmHxVhg6ETRzGp4snJ54YPgfbKMucG7Zo%2BnY7ARK9UUwhQi%2FtxGbpFhMZj7QETRaB8%2ByI5PieaS7Nj708IF%2F%2BUsUuO%2BO2W%2BnCNa7I1hh6st2%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d6b8c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 951 B
836 B 161ms
142ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"62a9711e-3b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BP8h3yy%2BnvXMu0Tf8bX96adJ24cr42mbvNqzHzql1p0w6I7fUhmHacQa%2FUnfry%2F1aZd7Ly1RLMTBKpP%2FcWk4O%2F5wD6dKGUyLnTYbarN2hH5k2Vk6UjDGWQhL4q5T7BgYB5AVww8Aj%2FGbTbSHjwVvrku"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d6a8c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
843 B 146ms
127ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2faf511f109124170caa32b1d239f2b052d77c729288cc56a213d171c52b64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:06:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27472
etag: W/"638f0607-482"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K5Npm7BhcX9YuFFq3xx9lDcBpkFT9t7FQOxAEsqr3kYG9goNrSJFGZRso6FHLmoOCr%2FfDkVguUlsEFfKz0X5Rtq2xLNGwMe9EhqG5%2FEr6Vpb8XmfNFRLnFDU1xBjcWsO4fGhKTBt4goEwgepIAp7i3N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d698c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 18:12:38 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3543 1 KB
1012 B 149ms
130ms Script
application/javascript 2606:4700:3035::6815:5699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41648
etag: W/"623976e8-445"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjyMJUbesYAXDuSAS2Z3IeWMwJ9ez%2FlbrIX3%2BNBBKfEdMexqBx9GqZDhu%2FzpN8SV%2BBP7o7HRyxlurjjLeemzby3bhUM%2FP91gpUYB1fh61AK3rL8ViHXBNXo3eb2KwxaRF7SownE05x5V4WnQeTeR9kOJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 777eb08f8d678c7e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:16:22 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame 3543 5 KB
3 KB 1331ms
326ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:31 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2

200

80425b77b9bd0cff2005378bab6643ed.gif
kvhfff.top/ Frame 3543
Redirect Chain

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

1 MB
1 MB

103ms
64ms

Image
image/gif

2606:4700:3032::6815:40cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
server: cloudflare
etag: "63441cd2-129579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PirQ%2FbDql2%2FBYoKtiQ5NdTwjIVJ0p%2B5vV3tD2U9SgFDYLSk4Xf6YcePaG8aqKE%2BPDiAjxBIJ90e21eH0uypMTXoO%2FDIQvaygXPCp52autn4rcqk08j8ymkT6RxXxQO%2BnVH%2B76PJmjc1F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0993a128cb9-EWR
expires: Sun, 08 Jan 2023 19:31:20 GMT

Redirect headers

location: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H/1.1 200
OK 1825aadc7435489f87c5b35903b8d679.gif
585227ybn.com/ Frame 3543 137 KB
138 KB 2616ms
380ms Image
image/gif 103.170.15.104
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.104 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 06:45:13 GMT
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Server: nginx
ETag: "63763814-225a8"
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 140712

GET index.gif
178880.vip/ Frame 3543 0
0

GET
H2

200

ad2d666c37d44b36a34ec71a68548c4a
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 3543
Redirect Chain

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

1 MB
1 MB

521ms
264ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 2b4509b14a9b5debf2727a84af3d90979816e07c1f4fe0e92f65b8a42e9753c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:20:23 GMT
via: n204-100-030, cache24.l2ot7-1[0,0,206-0,H], cache38.l2ot7-1[1,0], cache38.l2ot7-1[1,0], cache10.us17[0,0,200-0,H], cache10.us17[4,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 523808
nw-session-id: 2022120519424301014203313923B8B4CEv9hg702dy
x-powered-by: ImageX
x-swift-cachetime: 31354259
x-cache: HIT TCP_MEM_HIT dirn:12:286836738 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-swift-savetime: Wed, 07 Dec 2022 14:49:25 GMT
x-length: 1445080
content-length: 1445080
last-modified: Mon, 05 Dec 2022 11:42:44 GMT
server: Tengine
x-tt-logid: 2022120519424301014203313923B8B4CE
x-response-date: Mon, 05 Dec 2022 19:42:44 GMT
ali-swift-global-savetime: 1670242824
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T19:42:44.033365338+08:00 55
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:80::214
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01ea64f99fa80c9ebda0e492987eb4d117ea2dcd7a3861d2cfba542e5eb5da55029e7f5ee131c1aa55e05e4996a702928595f1eb82ae77f93cf61bc72a9dfb66ac2b2cd37fdaf8dbd89daeb0c923a5dc89da5c7a90a7d1d0685593b261b37352a3
eagleid: a3b5429e16707666329128039e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H2

200

80425b77b9bd0cff2005378bab6643ed.gif
kvhfff.top/ Frame 175C
Redirect Chain

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

1 MB
1 MB

64ms
25ms

Image
image/gif

2606:4700:3032::6815:40cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
server: cloudflare
etag: "63441cd2-129579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtmnshcjZs0oC2zYvD1xm6DPdMQkqyvHGcF2PdnYdFU%2F7kg8SRhSAAZn1XRnrRz4y9yiEKzhz4MHsshbDbIGPjYYsCAA9kast1ql%2FLXpOt19RY659YVjX%2B4AgYc2jQggvAFam2Lqu%2Byy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0993a138cb9-EWR
expires: Sun, 08 Jan 2023 19:31:20 GMT

Redirect headers

location: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H/1.1 200
OK 1825aadc7435489f87c5b35903b8d679.gif
585227ybn.com/ Frame 175C 137 KB
138 KB 2585ms
379ms Image
image/gif 103.170.15.104
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.104 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 06:45:13 GMT
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Server: nginx
ETag: "63763814-225a8"
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 140712

GET
H2

200

ad2d666c37d44b36a34ec71a68548c4a
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 175C
Redirect Chain

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

1 MB
1 MB

334ms
76ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 2b4509b14a9b5debf2727a84af3d90979816e07c1f4fe0e92f65b8a42e9753c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:20:23 GMT
via: n204-100-030, cache24.l2ot7-1[0,0,206-0,H], cache38.l2ot7-1[1,0], cache38.l2ot7-1[1,0], cache17.us17[0,0,200-0,H], cache10.us17[3,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 523808
nw-session-id: 2022120519424301014203313923B8B4CEv9hg702dy
x-powered-by: ImageX
x-swift-cachetime: 31535258
x-cache: HIT TCP_MEM_HIT dirn:12:229355765 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-swift-savetime: Mon, 05 Dec 2022 12:32:46 GMT
x-length: 1445080
content-length: 1445080
last-modified: Mon, 05 Dec 2022 11:42:44 GMT
server: Tengine
x-tt-logid: 2022120519424301014203313923B8B4CE
x-response-date: Mon, 05 Dec 2022 19:42:44 GMT
ali-swift-global-savetime: 1670242824
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T19:42:44.033365338+08:00 55
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:80::214
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01ea64f99fa80c9ebda0e492987eb4d117ea2dcd7a3861d2cfba542e5eb5da55029e7f5ee131c1aa55e05e4996a702928595f1eb82ae77f93cf61bc72a9dfb66ac2b2cd37fdaf8dbd89daeb0c923a5dc89da5c7a90a7d1d0685593b261b37352a3
eagleid: a3b5429e16707666329118037e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
cache-control: max-age=3600
referrer-policy: no-referrer

GET index.gif
178880.vip/ Frame 175C 0
0

GET
H2

200

80425b77b9bd0cff2005378bab6643ed.gif
kvhfff.top/ Frame 3543
Redirect Chain

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

1 MB
1 MB

112ms
76ms

Image
image/gif

2606:4700:3032::6815:40cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
server: cloudflare
etag: "63441cd2-129579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sij670ymbpoGOosvT%2FXEUrtWejVACeNTgRN3ntSmIQPrKPNS1l%2BZkfdC1ZXKvMXmHimdwOzCZbmFQ2fSbkgo1RYCXpkIMwWI8nG%2FJl%2BKXUyYcX5NxcgbuH9JZVVsMBM2RBkcGu5K7%2FfU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0993a148cb9-EWR
expires: Sun, 08 Jan 2023 19:31:20 GMT

Redirect headers

location: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H/1.1 200
OK 1825aadc7435489f87c5b35903b8d679.gif
585227ybn.com/ Frame 3543 137 KB
138 KB 2107ms
369ms Image
image/gif 103.170.15.104
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.104 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 06:45:13 GMT
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Server: nginx
ETag: "63763814-225a8"
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 140712

GET
H2

200

ad2d666c37d44b36a34ec71a68548c4a
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 3543
Redirect Chain

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

1 MB
1 MB

510ms
252ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 2b4509b14a9b5debf2727a84af3d90979816e07c1f4fe0e92f65b8a42e9753c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:20:23 GMT
via: n204-100-030, cache24.l2ot7-1[0,0,206-0,H], cache38.l2ot7-1[1,0], cache38.l2ot7-1[1,0], cache10.us17[0,0,200-0,H], cache10.us17[3,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 523808
nw-session-id: 2022120519424301014203313923B8B4CEv9hg702dy
x-powered-by: ImageX
x-swift-cachetime: 31354259
x-cache: HIT TCP_HIT dirn:12:286836738 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-swift-savetime: Wed, 07 Dec 2022 14:49:25 GMT
x-length: 1445080
content-length: 1445080
last-modified: Mon, 05 Dec 2022 11:42:44 GMT
server: Tengine
x-tt-logid: 2022120519424301014203313923B8B4CE
x-response-date: Mon, 05 Dec 2022 19:42:44 GMT
ali-swift-global-savetime: 1670242824
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T19:42:44.033365338+08:00 55
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:80::214
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01ea64f99fa80c9ebda0e492987eb4d117ea2dcd7a3861d2cfba542e5eb5da55029e7f5ee131c1aa55e05e4996a702928595f1eb82ae77f93cf61bc72a9dfb66ac2b2cd37fdaf8dbd89daeb0c923a5dc89da5c7a90a7d1d0685593b261b37352a3
eagleid: a3b5429e16707666329128038e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
cache-control: max-age=3600
referrer-policy: no-referrer

GET index.gif
178880.vip/ Frame 3543 0
0

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame 175C 3 KB
1 KB 112ms
51ms Stylesheet
text/css 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40612
etag: W/"62bc1e37-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36tXJEtMwQtTsI00Gq0WueRW8ScAVkCly8NW4wBmhl6H11URpigJR0e7mqcuA3LIy96bFZUOx3ky67Bv6dCfWfs5FLLJy1crGBqKNtWsfYNovQ4kO7xLj3fz6U6tV2QVf1pmBffgi1dVTqxE34mktco3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb091cc5e334e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:33:38 GMT

GET 69a77fdc94014ce6a6a1c95eafa17df7.gif
vcawmm.com/ Frame 175C 0
0

GET a16bc2eba9394ff7a8d1fd21227d4ad0.png
u0082.com/ Frame 175C 0
0

GET f67b410855efed07dc1783436baaa5f7.gif
kveii.com/ Frame 175C 0
0

GET 639186453ec05fc4952c55e1.gif
img.1134555.com/images/ Frame 175C 0
0

GET ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame 175C 0
0

GET 200200.gif
taiwtp1.com/img/ Frame 175C 0
0

GET zbcpa2.png
tk.learning8808.com/images/ Frame 175C 0
0

GET 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 175C 0
0

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame 3543 3 KB
1 KB 62ms
48ms Stylesheet
text/css 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40612
etag: W/"62bc1e37-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqI8xsb8euZKD2ZwzSR7%2FMc3gGmYN311uNOkogAJG6g6i2oFZsfJnFrOLbiYvCtWX5lI5KkP%2F%2FX6jGvxmJnzFJWQeVDTQIU%2B4DN3W4DybRa%2BLWAdWuTvJp0xGWIkkzX1fchWobntNATIgFtI1HMklPFr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 777eb091cc5f334e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Dec 2022 14:33:38 GMT

GET
H2 200 69a77fdc94014ce6a6a1c95eafa17df7.gif
vcawmm.com/ Frame 3543 5 KB
6 KB 2093ms
361ms Image
image/gif 45.61.212.173
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.173 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:39:31 GMT
last-modified: Tue, 04 Oct 2022 13:45:29 GMT
server: nginx
etag: "633c38f9-1519"
x-cache: HIT from cloud-us5-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5401

GET
H2 200 a16bc2eba9394ff7a8d1fd21227d4ad0.png
u0082.com/ Frame 3543 32 KB
32 KB 790ms
351ms Image
image/png 20.210.115.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.210.115.126 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 3a04d95ac386a81d422f3d04a11047536497843ef43a21858d5ee09ca99974c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 08:35:07 GMT
server: WAF/2.4-12.1
etag: W/"633d41bb-80a4"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/png

GET
H2

200

f67b410855efed07dc1783436baaa5f7.gif
kvkppp.top/ Frame 3543
Redirect Chain

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif

28 KB
29 KB

143ms
92ms

Image
image/gif

2606:4700:3035::ac43:a70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 2606:4700:3035::ac43:a70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
server: cloudflare
etag: "62544489-719a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuhXvtrwVHBp4XPX3cogXIBRwIQ4km6kxn%2B4GQrMIGeb4vwoJPKbYxeutwGdIdqsyvNatUrr2GZNyMYjaNy3703T37pmVG3Qq2Df58a%2Fe4q%2FQ2J6tWVZbkB6VpkqTvX50LePI81qGAti"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb09afc319e02-EWR
expires: Fri, 23 Dec 2022 14:34:11 GMT

Redirect headers

location: https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

514577c6f48f449fa13d1ac061c06d18
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 3543
Redirect Chain

https://img.1134555.com/images/639186453ec05fc4952c55e1.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18

85 KB
85 KB

228ms
228ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 7ee1ca0e727021580e2bf39fc1e84af4c4f5f89e4d3d50c90fdc153a3ee9e39e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:13:40 GMT
via: n204-099-037, cache15.l2ot7-1[0,0,206-0,H], cache19.l2ot7-1[1,0], cache19.l2ot7-1[2,0], cache10.us17[0,0,200-0,H], cache10.us17[3,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 347813
nw-session-id: 202212072113400102020921563CB3FD80fxp9r03dy
x-powered-by: ImageX
x-swift-cachetime: 31436422
x-cache: HIT TCP_HIT dirn:12:535815292
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-swift-savetime: Thu, 08 Dec 2022 16:53:18 GMT
x-length: 86795
content-length: 86795
last-modified: Wed, 07 Dec 2022 13:13:40 GMT
server: Tengine
x-tt-logid: 202212072113400102020921563CB3FD80
x-response-date: Wed, 07 Dec 2022 21:13:40 GMT
ali-swift-global-savetime: 1670418820
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-07T21:13:40.170206398+08:00 32
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:21:307::156
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01a2682f6eed469f3ec8ccb6cd6edea9e13ee129209bbc44cd6855966c0e6222923bc5f68f99cffd7d02e083c336754d35e39d1e40aa0e6e9429a1dea5eb2224894b037a7e655f165c3f29713f33994a0003321abce5fb73134c34004501ee537a
eagleid: a3b5429e16707666339221506e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame 3543 118 KB
118 KB 1703ms
67ms Image
image/gif 103.170.15.74
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.74 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 18:00:52 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame 3543 73 KB
74 KB 1529ms
1085ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:47:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Tue, 10 Jan 2023 13:47:57 GMT

GET
H3 200 zbcpa2.png
tk.learning8808.com/images/ Frame 3543 158 KB
158 KB 681ms
573ms Image
image/png 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1164982
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCXiCc4bgCSlYJRKuIyRyRBW%2B9JSpoPz7xpNR4TY9WKBLpCJd4p9OwvpfiaUwvLf84bksviu%2B3D5mvpuCRVFt56v4QjS6klWpIM8WedNffZbCVrJhEhDqdl16%2FDj%2FMMr9q4Ruq%2BGtsjXbAC8JftolwSw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d6dc46b-EWR
expires: Wed, 28 Dec 2022 02:14:09 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 3543 292 KB
292 KB 631ms
214ms Image
image/gif 47.75.19.251
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.251 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Sun, 11 Dec 2022 13:50:31 GMT
x-oss-request-id: 6395E02723C054313428D4C4
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 2

GET
H3 200 xt12.gif
tk.learning8808.com/images/ Frame 3543 732 KB
733 KB 613ms
505ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483227
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akX6nmJ2RsJ5AEdPSTxdpEqHa8zGMudIQY96%2BQuwGAHRJpTprgETMZ%2FUk8K55IwDoyoc7U8L5BguGCDG7AUWeCvWM6A4h6WAPaw6SPjIivvsLSYgIC8zrvMzFXBcBjIYQl%2B%2Fycmtdjb8gPBm0UPg7kJP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d6cc46b-EWR
expires: Sat, 24 Dec 2022 09:50:04 GMT

GET
H3 200 xt10.gif
tk.learning8808.com/images/ Frame 3543 609 KB
610 KB 311ms
203ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6fPSUZj6pATmy8azptDDlUEAe0DJsRjbxds6AMlWdCm6JbOeqRxWzwVJU674NspaQ2l%2FPVEZRKjqUjBjELgDVB6Cy3owGrdXkKxn52d0oSj8QpJ2bZS2n1XyJdogP5o3F3zK%2F6DvqZyFhSBb%2ByH9q7G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d6ac46b-EWR
expires: Sat, 07 Jan 2023 02:25:30 GMT

GET
H2 200 69a77fdc94014ce6a6a1c95eafa17df7.gif
vcawmm.com/ Frame 175C 5 KB
6 KB 2219ms
374ms Image
image/gif 45.61.212.173
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.173 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:39:31 GMT
last-modified: Tue, 04 Oct 2022 13:45:29 GMT
server: nginx
etag: "633c38f9-1519"
x-cache: HIT from cloud-us5-cdnb-13
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5401

GET
H2 200 a16bc2eba9394ff7a8d1fd21227d4ad0.png
u0082.com/ Frame 175C 32 KB
32 KB 1194ms
616ms Image
image/png 20.210.115.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.210.115.126 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 3a04d95ac386a81d422f3d04a11047536497843ef43a21858d5ee09ca99974c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 08:35:07 GMT
server: WAF/2.4-12.1
etag: W/"633d41bb-80a4"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/png

GET
H2

200

f67b410855efed07dc1783436baaa5f7.gif
kvkppp.top/ Frame 175C
Redirect Chain

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif

28 KB
29 KB

145ms
94ms

Image
image/gif

2606:4700:3035::ac43:a70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 2606:4700:3035::ac43:a70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1552581
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
server: cloudflare
etag: "62544489-719a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j129Gw8anWwawoD5VznFR97U%2FwoYO1hCaP%2FLAALkmGclOt4dV1LiBvZiIH%2BYhtIhkylxgyBADCl7Gp50PuvzrFfwNBlKB5eX7zrEgoXkKV%2BK3yixHW58tqiqX%2ByHIQU3%2FLHjzI3cORoE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb09afc349e02-EWR
expires: Fri, 23 Dec 2022 14:34:11 GMT

Redirect headers

location: https://kvkppp.top/f67b410855efed07dc1783436baaa5f7.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

514577c6f48f449fa13d1ac061c06d18
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 175C
Redirect Chain

https://img.1134555.com/images/639186453ec05fc4952c55e1.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18

85 KB
85 KB

199ms
198ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 7ee1ca0e727021580e2bf39fc1e84af4c4f5f89e4d3d50c90fdc153a3ee9e39e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:13:40 GMT
via: n204-099-037, cache15.l2ot7-1[0,0,206-0,H], cache35.l2ot7-1[1,0], cache35.l2ot7-1[1,0], cache20.us17[0,0,200-0,H], cache10.us17[2,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 347813
nw-session-id: 202212072113400102020921563CB3FD80fxp9r03dy
x-powered-by: ImageX
x-swift-cachetime: 31535357
x-cache: HIT TCP_MEM_HIT dirn:12:402500195
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime: Wed, 07 Dec 2022 13:24:23 GMT
x-length: 86795
content-length: 86795
last-modified: Wed, 07 Dec 2022 13:13:40 GMT
server: Tengine
x-tt-logid: 202212072113400102020921563CB3FD80
x-response-date: Wed, 07 Dec 2022 21:13:40 GMT
ali-swift-global-savetime: 1670418820
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-07T21:13:40.170206398+08:00 32
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:21:307::156
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01a2682f6eed469f3ec8ccb6cd6edea9e13ee129209bbc44cd6855966c0e6222923bc5f68f99cffd7d02e083c336754d35e39d1e40aa0e6e9429a1dea5eb2224894b037a7e655f165c3f29713f33994a0003321abce5fb73134c34004501ee537a
eagleid: a3b5429e16707666339221504e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/514577c6f48f449fa13d1ac061c06d18
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame 175C 118 KB
118 KB 1795ms
65ms Image
image/gif 103.170.15.74
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.74 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 18:00:52 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from yd11_13-cdn-g01-la2-04
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame 175C 73 KB
74 KB 1142ms
604ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:47:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Tue, 10 Jan 2023 13:47:57 GMT

GET
H2 200 zbcpa2.png
tk.learning8808.com/images/ Frame 175C 158 KB
158 KB 80ms
73ms Image
image/png 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1374370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cix4AmLrEJPlH7AbhXC9dHgMp7bPAcFFm6gg%2Fl0EdUtfBh3R2osyW1NoWAvPyioa9GSQTglg5xTeYIiTz085pWpNh%2BJw9X91XYggcWCIpMpykiTwGqKa5f2thsrr1vXQo6ICKE7ALXFzK9bRKoPUtchu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0931e09334e-EWR
expires: Sun, 25 Dec 2022 16:04:20 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 175C 292 KB
292 KB 1075ms
564ms Image
image/gif 47.75.19.251
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.251 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Sun, 11 Dec 2022 13:50:31 GMT
x-oss-request-id: 6395E0279DB5783533D6E9EE
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 1

GET
H2 200 xt12.gif
tk.learning8808.com/images/ Frame 175C 732 KB
733 KB 87ms
79ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1764989
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2e7M7uQgu5m%2B2WdWnp0GKEOyl25GUA24rvj9TJx2zK5%2F5QU%2BxorPtxIHS33uszqGR9W2A8Xa7au4xAVxL2BXuAWJSFkvt58Xi1ltIVwQyMgkyI3yrPuQEvvewUB86fL24Dcf83M7JAZ0%2FmZwuIrzC2SO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0931e08334e-EWR
expires: Wed, 21 Dec 2022 03:34:01 GMT

GET
H2 200 xt10.gif
tk.learning8808.com/images/ Frame 175C 609 KB
610 KB 87ms
78ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1514141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKnGoNrJROVHYu4EisiH5EPB50VvHYtyXe52uT9w38aK5jpV7e1NjUBQ3kb4GnmSU2%2FMCt2Lt8O1MsiWEOoNATVspBpLSin%2BUmHYOxNd7A4LyQNkN%2FV8VdivMaLhUR73Ar2Q23bXaDeylk50%2B652BbrC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0931e07334e-EWR
expires: Sat, 24 Dec 2022 01:14:49 GMT

GET
H3 200 xt1.gif
tk.learning8808.com/images/ Frame 3543 433 KB
434 KB 700ms
592ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 766781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpDzrl%2BFJNi7Gv80cEILVGNoswAgubDnHdNSFIP5OrmGL5wjkH7HgYpbPyCSlmATLXNxmZa06Hc9MztFkuy%2B5va1r3dMsqBnugF7SBtTejzrfxf%2FOKtF6ad%2FLmhgueHID71tSTFgzIY757FfOk5J5GDv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d6fc46b-EWR
expires: Sun, 01 Jan 2023 16:50:50 GMT

GET
H3 200 xt2.gif
tk.learning8808.com/images/ Frame 3543 368 KB
368 KB 167ms
59ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 985395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsCy4MVsdEBbzu2iQA7v0mUQ%2Fr29OT8s%2B9qNhEH2lS0uubJ9EEewck1GBqgHBzqDykbVbHRPixHa7O0HFPJL%2FlswUlbCByeK3IYocSwU27SkB6JgqsH5DVIEV3%2Bvoa5oNWtkPq9y5hpC3RdxUliS8OFn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d69c46b-EWR
expires: Fri, 30 Dec 2022 04:07:16 GMT

GET
H3 200 video-play.png
klx14.zhgmjglh88k.com/template/m1938pc/images/ Frame 175C 2 KB
2 KB 135ms
58ms Image
image/png 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/images/video-play.png
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1657351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H40I1c8gOYsungUMCEamgbVK86HXS%2BUxtXTZkXQDdL%2FqAbkNBrzb8ZJCcpybL1wbDOcQ9bsdb%2FoXP%2BFS6uU4VsNgK3yz%2FHVAoCSPHQfcSEHjqfhHEF4S%2FppTFgSVi1yTyG1y5svVMTRTBWGmTVqGeQOvKug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb092e811c466-EWR
expires: Thu, 22 Dec 2022 09:27:59 GMT

GET
H3 200 video-play.png
klx14.zhgmjglh88k.com/template/m1938pc/images/ Frame 3543 2 KB
2 KB 54ms
42ms Image
image/png 2606:4700:3033::ac43:99b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx14.zhgmjglh88k.com/template/m1938pc/images/video-play.png
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:99b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1657351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BCSj7sabBHBQimJBVsWzQLAhwaEQZHXM9DOyHdYlbKPH%2FhTo0JZxWW8kKZvYtGubRZDBBsuDCUdB%2BgW9YQeHJ7CNr5gFH79aKjIrYZky%2FsxMenvYbIqTNukV65A%2FWJxFn3csxADpRQmAWbcTcJAI%2BfUTkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0931867c466-EWR
expires: Thu, 22 Dec 2022 09:27:59 GMT

GET
H3 200 xt1.gif
tk.learning8808.com/images/ Frame 175C 433 KB
434 KB 80ms
34ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 766781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfukZI2JoSO2pF5gAU2AYVihBpY7mDqtqrYynOD%2B3LvbZXajkE1%2FFMyWLW777PgGmWt3KWF4Z6oVvLddBZpNFzObxazTXCSFGK2684rLju7RO5auxqpbNNtQOrGY9igf8MHjoraYL86FJiPSha0QafHj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d70c46b-EWR
expires: Sun, 01 Jan 2023 16:50:50 GMT

GET
H3 200 xt2.gif
tk.learning8808.com/images/ Frame 175C 368 KB
368 KB 736ms
690ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 985395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhSd5zcETJUpwsrUZn9IE4vQK7yjPblZ4pIxjFg26DRdwtmnaRPD4VCMaxwT%2FKZnINfxD89WCEoo1Ao%2FpAqzxvkz42KiPyJySorQQzRpKw9KTCXgpxbolPGR80MGG7UUDyxYIVZdowafcnLAyqQUk92U"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d71c46b-EWR
expires: Fri, 30 Dec 2022 04:07:16 GMT

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame 3543 189 KB
189 KB 757ms
721ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1604834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBGmOmI8hdz%2FKIk0czhNGKAo4F%2F9yJSJnmdatnysrre7k0mKedGP4NA5ZrLmQjGWtrtK9xg%2F%2BgX%2FJxJAkbh5jsnsor%2BkkeXmCEKftJZWe%2Fc56aQpfET7J%2B2oO9N3totyyE35UFSABqz0RQDWdcVygWfz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0945d72c46b-EWR
expires: Fri, 23 Dec 2022 00:03:17 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame 3543 2 MB
2 MB 773ms
737ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoSgm%2FEKekFruTft5PypJ4Qf7Nh3tp3WIC9wm6arShGhgafwL%2FNazsITU4tOFfgAsz6%2FNQw5BCztt%2BsUsA7iBRw%2B8AAVCwkb1c7FHd%2BCs3INB3l%2Bg2aOZqZH%2BbzqJOJFqpB61EorBc2ea67p7TvVb2Cn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0946d77c46b-EWR
expires: Sat, 24 Dec 2022 09:50:06 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame 3543 2 MB
2 MB 1035ms
999ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1030071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQDXy1eEU5o1O1lK4%2BYDbIiiihp3dGFTWinKot8PsloHf8OEz46Q1y7hyEFOcset%2BH4e2OA2TFgtiTwZQIBuPFqhy66dbIIr%2BFuTQG50H9Fnr1WjBKRGfSqjHjGhGzoTlbXl%2Fz077g3JzNsNbAW895Pz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0946d78c46b-EWR
expires: Thu, 29 Dec 2022 15:42:40 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame 3543 263 KB
263 KB 1341ms
1306ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n%2F8V8aP%2ButfO%2FsQsEjm9eHyJU1PLxjHGS8z1zzApYuD99KX7CANoHMHiOah9tu8K%2FGmtMG3%2BxMCSAN6ZhTAN3DjuvCqScnVjWF1dEhxIhUEQMzADYAo9ZIvAOmioiFfJGhkVsMNGe5QCqUo9lUXVhSo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0946d79c46b-EWR
expires: Sat, 07 Jan 2023 02:25:30 GMT

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame 175C 189 KB
189 KB 1216ms
1210ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1604834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fdz6F2ZGzFuFm8czLAqqMtj82UzGGwdNjSdgOa9LIXpoJWc%2FCPv5%2BXKuAZa91Y9WB21aXc3YnSYXyD406E6FFoBJtBF3AMKAPhKGADB%2BBKnaQ0ooGiXBE0OXysrdIUnLKGZTdvEAHfmczuLLjWYwhNJY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e71c46b-EWR
expires: Fri, 23 Dec 2022 00:03:17 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame 175C 2 MB
2 MB 1227ms
1222ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uExTWxX8TojCVMnyuJGwogkPgTlGOd%2BuPr2ccquU%2Bri%2B061JDVuhwRaWCY609FRe%2BMMK%2BfrvjLWla04fUgTTXHNbkfQNwwVDpZK0uzn1FjJnjIUUoM5gsNxSI%2BjiAmUmwNXOs5HQmgqGevuHORCWJCX%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e73c46b-EWR
expires: Sat, 24 Dec 2022 09:50:06 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame 175C 2 MB
2 MB 1324ms
1319ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1030071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7Q6kjEHy%2FHs39uHlHWy69e70CpBSpLFlgngfW8W5LEv2jQGKt5ADXDAEBVrQSMdGPGXMb0OU6ea9pzzNRUIqUZMLE5Tpbb03jBCDIExUb8Jfoor2Nr9y6UuPqcQXktJpSoXgiuffLaPXxjWAYJWMGXs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e74c46b-EWR
expires: Thu, 29 Dec 2022 15:42:40 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame 175C 263 KB
263 KB 1446ms
1442ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300301
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJCKtl4ue2JfD82WAMr1Rml3b4frnAqJ4%2BRJBeLMZameuPiBD1qP3IFwyIQ4Usi68tuROisp4P2FW02DLJVxKnspYwrBstaiBEOh8qXvJTej9v22RkTF4PWznLQGCjvbe2SeY%2Fmioj4UCWo18EJqQHp1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e75c46b-EWR
expires: Sat, 07 Jan 2023 02:25:30 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame 3543 2 MB
2 MB 1463ms
1460ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 985394
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vXqvRZBOckItL4k7OgKEs9Z3%2F%2BEGGt%2BY95NNjvKafEfAalIJop8YXdpDi6gkGRBZN49XA0vscvG0yrxoV1rYSdxok%2B2f4h%2F9vi9lY6CX7U6ZegLv8KSiq1KWei0LyMLoIXDPwFjmGpirUHaV%2FdqKQrk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e77c46b-EWR
expires: Fri, 30 Dec 2022 04:07:17 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame 3543 322 KB
322 KB 1561ms
1557ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483224
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMC6UwMepZRtH9bSJ2NKMSuyVT8p6n0JiHywqBHN%2FanbzArzL%2BNcWD89jgObIwxYo%2BolwOWLmy8uaFgyMFKtpIw5XeEY5pe0i0F3DS7eFGKORnyqYS3%2FIrNqXpezbSYia81SFswVyqeHzJscDF0FcJrt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0951e7ac46b-EWR
expires: Sat, 24 Dec 2022 09:50:07 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame 175C 2 MB
2 MB 1270ms
1237ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 985394
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DefTzXbjNPgvRULsb1PJvjfO%2F9A5Ia4U19sZnGyDu1dPWwrBfVYU5%2BDM12P1u89j1uieGlOLZB6n6LninwqAY%2Fv4uaSd%2Bn7a1tAhM31cxAaj9esmW7%2BOBNucYeYrZ8oN%2Ft%2BqUjf61m8sUTCUU%2Fx%2FoBv5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0974973c46b-EWR
expires: Fri, 30 Dec 2022 04:07:17 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame 175C 322 KB
322 KB 1363ms
1330ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1483224
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVxmLu8XMHwX2%2F0vX7tXCJUo8xu1rTTU%2FRQlggZ%2BtrtFXbpsx50K%2FAHvAOivGVhFJ4uJpoqVEJO%2Fh30a%2BMMdIkNOLIqdGu6OPfHQOINUS6M2dxN63mXhAxsVG6nTd20SnXzX4E67BfHSPYxnYW79kIzD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb0974979c46b-EWR
expires: Sat, 24 Dec 2022 09:50:07 GMT

GET
H3

200

80425b77b9bd0cff2005378bab6643ed.gif
kvhfff.top/ Frame 175C
Redirect Chain

https://kzeii.com/80425b77b9bd0cff2005378bab6643ed.gif
https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif

1 MB
1 MB

98ms
78ms

Image
image/gif

2606:4700:3032::6815:40cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H3
Server: 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 13:50:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1217913
last-modified: Mon, 10 Oct 2022 13:23:30 GMT
server: cloudflare
etag: "63441cd2-129579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kssnOl%2BP61XvL7LSWPcDx1tPyIppbf1%2FO3dcid1DoQKtQbO%2BgwXD0SxOuZBdcX0FpNhkeYeBy0z6pf4rSmbIBy%2BJx0JIQYqn6Qw5hj0jLLwk0xRqqfKJhybotrZhIVPJqUP3eKIHynDN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 777eb09b8bc8f021-EWR
expires: Sun, 08 Jan 2023 22:41:18 GMT

Redirect headers

location: https://kvhfff.top/80425b77b9bd0cff2005378bab6643ed.gif
date: Sun, 11 Dec 2022 13:50:31 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H/1.1 200
OK 1825aadc7435489f87c5b35903b8d679.gif
585227ybn.com/ Frame 175C 137 KB
138 KB 1685ms
389ms Image
image/gif 103.170.15.104
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://585227ybn.com/1825aadc7435489f87c5b35903b8d679.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.104 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 06:45:13 GMT
Last-Modified: Thu, 17 Nov 2022 13:33:08 GMT
Server: nginx
ETag: "63763814-225a8"
X-Cache: HIT from yd11_13-cdn-g01-la2-34
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 140712

GET
H2

200

ad2d666c37d44b36a34ec71a68548c4a
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 175C
Redirect Chain

https://img.1193555.com/images/638df30ccaa2bdc0a4c47cf7.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a

1 MB
1 MB

578ms
321ms

Image
image/gif

163.181.66.233
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: H2
Server: 163.181.66.233 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 2b4509b14a9b5debf2727a84af3d90979816e07c1f4fe0e92f65b8a42e9753c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:20:23 GMT
via: n204-100-030, cache24.l2ot7-1[0,0,206-0,H], cache38.l2ot7-1[1,0], cache38.l2ot7-1[1,0], cache10.us17[0,0,200-0,H], cache10.us17[5,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 523808
nw-session-id: 2022120519424301014203313923B8B4CEv9hg702dy
x-powered-by: ImageX
x-swift-cachetime: 31354259
x-cache: HIT TCP_MEM_HIT dirn:12:286836738 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=5
x-swift-savetime: Wed, 07 Dec 2022 14:49:25 GMT
x-length: 1445080
content-length: 1445080
last-modified: Mon, 05 Dec 2022 11:42:44 GMT
server: Tengine
x-tt-logid: 2022120519424301014203313923B8B4CE
x-response-date: Mon, 05 Dec 2022 19:42:44 GMT
ali-swift-global-savetime: 1670242824
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T19:42:44.033365338+08:00 55
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:80::214
x-response-cinfo: 5.181.234.132
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01ea64f99fa80c9ebda0e492987eb4d117ea2dcd7a3861d2cfba542e5eb5da55029e7f5ee131c1aa55e05e4996a702928595f1eb82ae77f93cf61bc72a9dfb66ac2b2cd37fdaf8dbd89daeb0c923a5dc89da5c7a90a7d1d0685593b261b37352a3
eagleid: a3b5429e16707666329128040e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/ad2d666c37d44b36a34ec71a68548c4a
cache-control: max-age=3600
referrer-policy: no-referrer

GET index.gif
178880.vip/ Frame 175C 0
0

GET
H/1.1 200 go1
ia.51.la/ Frame 175C 0
215 B 1166ms
298ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1670766631869&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670766631869&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.jimshella.com%252F
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:32 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 175C 29 KB
11 KB 3101ms
3028ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f202c7feba3b85147176363841983d3474f4536cb0cbf5d4eb4cae988f742466

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: dc98be65171a113d83cc7ae9cbbdee3c
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11253

GET
H/1.1 200 go1
ia.51.la/ Frame 3543 0
215 B 1247ms
288ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1670766632080&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1670766632080&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx14.zhgmjglh88k.com%252F&pu=http%253A%252F%252Fwww.jimshella.com%252F
Requested by: Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:33 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 702ms
288ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=309376352&si=b612079d928e97fce7171ee79868a9fe&v=1.3.0&lv=1&sn=17342&r=0&ww=1600&u=http%3A%2F%2Fwww.jimshella.com%2Findex.php&tt=%E9%B9%A4%E5%A3%81%E6%92%91%E6%8E%A8%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.jimshella.com
URL: http://www.jimshella.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.jimshella.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:50:32 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 3543 29 KB
11 KB 738ms
302ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f202c7feba3b85147176363841983d3474f4536cb0cbf5d4eb4cae988f742466

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:50:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: dc98be65171a113d83cc7ae9cbbdee3c
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11253

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 3543 43 B
299 B 317ms
317ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1526706045&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.jimshella.com%2F&v=1.3.0&lv=1&sn=17344&r=0&ww=1600&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:50:34 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 175C 43 B
299 B 324ms
323ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1670766634&rnd=2125053715&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.jimshella.com%2F&v=1.3.0&lv=2&sn=17345&r=0&ww=1600&u=https%3A%2F%2Fklx14.zhgmjglh88k.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx14.zhgmjglh88k.com
URL: https://klx14.zhgmjglh88k.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://klx14.zhgmjglh88k.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Dec 2022 13:50:35 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21406885.js

Domain: 178880.vip
URL: https://178880.vip/index.gif

Domain: 178880.vip
URL: https://178880.vip/index.gif

Domain: 178880.vip
URL: https://178880.vip/index.gif

Domain: vcawmm.com
URL: https://vcawmm.com/69a77fdc94014ce6a6a1c95eafa17df7.gif

Domain: u0082.com
URL: https://u0082.com/a16bc2eba9394ff7a8d1fd21227d4ad0.png

Domain: kveii.com
URL: https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif

Domain: img.1134555.com
URL: https://img.1134555.com/images/639186453ec05fc4952c55e1.gif

Domain: bob5379.com
URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif

Domain: taiwtp1.com
URL: https://taiwtp1.com/img/200200.gif

Domain: tk.learning8808.com
URL: https://tk.learning8808.com/images/zbcpa2.png

Domain: 701.oss-cn-hongkong.aliyuncs.com
URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif

Domain: 178880.vip
URL: https://178880.vip/index.gif

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.jimshella.com/	1970-01-20 08:06:07	Name: Cookies_KL Value: 1
.hm.baidu.com/	1970-01-20 17:42:06	Name: HMACCOUNT_BFESS Value: 4A658370BA2F7792
.www.jimshella.com/	1970-01-20 16:51:42	Name: Hm_lvt_b612079d928e97fce7171ee79868a9fe Value: 1670766632
.www.jimshella.com/	1969-12-31 23:59:59	Name: Hm_lpvt_b612079d928e97fce7171ee79868a9fe Value: 1670766632

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.jimshella.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21406885.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.jimshella.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21406885.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx14.zhgmjglh88k.com/ Message: Mixed Content: The page at 'https://klx14.zhgmjglh88k.com/' was loaded over HTTPS, but requested an insecure element 'http://178880.vip/index.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178880.vip
585227ybn.com
701.oss-cn-hongkong.aliyuncs.com
bob5379.com
hm.baidu.com
ia.51.la
img.1134555.com
img.1193555.com
jimshella.com
js.users.51.la
klx14.zhgmjglh88k.com
kveii.com
kvhfff.top
kvkppp.top
kzeii.com
lb.learning8809.com
p3.douyinpic.com
sb.learning8808.com
taiwtp1.com
tk.learning8808.com
u0082.com
vcawmm.com
www.gg123456789gg.com
www.jimshella.com
178880.vip
701.oss-cn-hongkong.aliyuncs.com
bob5379.com
img.1134555.com
js.users.51.la
kveii.com
taiwtp1.com
tk.learning8808.com
u0082.com
vcawmm.com
103.143.19.103
103.170.15.104
103.170.15.74
103.235.46.191
136.0.141.5
163.181.66.233
166.88.147.42
185.239.226.87
20.210.115.126
209.73.159.133
220.128.218.220
2606:4700:3030::6815:12ae
2606:4700:3030::ac43:b6cf
2606:4700:3032::6815:40cc
2606:4700:3033::ac43:99b4
2606:4700:3035::6815:5699
2606:4700:3035::ac43:a70b
45.154.215.92
45.61.212.173
47.75.19.251
64.32.13.142
02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b
04175fb5c6bd228ea43e01e9dd3b4cc9102ba738a4d99e8b5ca59b1c3c3dc644
0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
11487e254e251d6e076f182cdfd459547425db242256a61e855c509330cab352
1308118139c5a6ee361785472b2be0a1136d79f71ccab16b7f463f65cf2aa769
14ebb4f3440e36c34181e159003eb7856c751989b354429b6bee7f2e4e4f7689
15e1e408f6fa3fc51fca18bfaf49430e9d400eaa0597d6ac749c206521280e85
1b80fa0672efee3f0b38d6dc3059463a44da056f4ea8c771155de75d12476fca
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
1e1f6e83aa7f6f4cfbf4eeda0310f5e633136dafbaac5bea17b9dcbc70a9c272
1e7a84758ba9f9d265ed5f408fa2d978ecbc754ac09613e96addf13da3b91e63
1e836f129ab861fb7e1688c45374b1336d11af9ff3f3121e41f78d7a24c3f398
26096de7e679e8be59dabd4290f5b0587afd5457984f41818b54a64fa1c25969
2a2faf511f109124170caa32b1d239f2b052d77c729288cc56a213d171c52b64
2b4509b14a9b5debf2727a84af3d90979816e07c1f4fe0e92f65b8a42e9753c0
2b5c904ef5811220bcf42cfea7e394ab5b2e7c78b978774efccc7deb2ba5febc
2d4e320f6ad0f360a7301d8b2b0e04fd2a3d3e76403ad389c79dd2d179764688
2fde54ef46ec943a5192856e8172ee97e622e174664fc35e73c303a92b35fe7b
3442accca34618dbc2de8a274eb3a9b99e53fae4ecba7f0956e0c6f1527b837b
3547fd92b42ab4ed227bc18d691a65f4c6fe6f7cd4bf33c5d771698ca08df471
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
3648fcc8b72fd9e290c9eb7337bff687ead4e2e1ca682e4dfc54d06d7211233b
3732b63e0c4536a7319342e8b4f88c06e8eab5d08dbb995d0b9a1f65dbfd487b
377df2ecbae39c09c9f1b3b1c1fcc5ee24d117037c634c3e0b0f08b6ba730438
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
3a04d95ac386a81d422f3d04a11047536497843ef43a21858d5ee09ca99974c1
3a96a779e3988f36dd9027cbd20f7ee482cd8452f4d4314d7df5a3dde3a9229c
3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a
3be630a28e559a5dd07a2e9e3bf8280a8e20dda60eda7dce947fad9716e2eba8
41dcfcb7e81e8f7217408cc728f389f5e6356d47c4455cff68e774597c008cc7
42e8d36fb30655599571c960e1315ace728f21a3da7bd50183063d2659471859
45d84033ec3422ec7b090c251f810b567f497b3fa5548c4344820e5b0a67d680
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
474d7a6baca6a2ad09282edaa3c8dbbb74cda5d46062abdfc4c4c6d35d7c34ba
4b8dce9166eb1173bcdc21832036e5aeb48d3ef007ea24f182adc2511c4855c2
5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81
5604d1f1cb49908df6895860cd972e3125c00fd42a023e7ddbda050726f6c592
5747091c57f26ff3d371214647adc55b8a442485e46ffed057069d8b601c7d67
58b6b48cce0b67dc9d56e9caf98b63d7ce07158fe9f25c9d1a8bbc237ccb6af1
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
61ce547f1cde11ac967bdf53baa7dfd0cad762b399f2d8a39ca72496aa4b4d1a
6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461
63b0dd5e9390517f2d764dfe1f40ad60da877770263870c844f6b80cbbbc8186
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
6e2c8ed251e3b6d33a4eb6dd045fe274c518eeec8d9466b44cb0921a91ea583b
745f629ed4edc73378f4c7eb2d8cc205b32206d545e7e3568c873f7de9dba9dc
79b70dd58b4295aeda1d68082ad1e0badb5c8d187f591fe139f80a7682540d9a
79bf2ea3fe68d6c2fb3725346611944a113f0f183b67e1db67f45639df6d63f2
7ee1ca0e727021580e2bf39fc1e84af4c4f5f89e4d3d50c90fdc153a3ee9e39e
852eb38ab2bc82f7ec323e9f4e2880636ecff95ba25f901d6a42360b570a82c1
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
8aa2da22dedb5ab042730ff210346e241e58ea83a23639430b24fa8db18622b9
8b8658e2c506db441848435c08f2c834cf70c3edb1fde80e3d3e62d9c4932402
943c39ed555b9aaf89c96d595b852458ae13cda8fa6a2b345f83202918f69205
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
99b519340a4ecf9d55fd3059ebec1066bfddec57e72f7d121a24e4ab7bd468c4
99b5c580c671e71cd95df9b9eccb22782706b2ce5ac255fc1566cdc18798faa2
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
a80288b7878b7dc270ca0126330939ee7429ff75ec9d6cf82f5e6e52d2ea9694
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
a9fc4f222f397cf8b9b5fd24d7be3de9ea64e1952bfc53bd46c30d81f1889c0f
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
b1b4e88052704527f126e5c5a2624bbeaec69a3761c83aa420365c64ab48c3e3
b260b43c9735e20c48498649e4a0c3c353d55d39b3c1648d990c14774afb4586
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
be2b36a7353b79c2578b4ac0704ae20bb8441147fc2810b88e01dd156a52d66b
bee2126898d8046588a39436dcef69d981f7b29686326fd0edd0603604fd693e
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
c40e7c053c50bdd57d7dcede7e5049f67195f5c4e569073e718a327c54dda333
c4f43b7341f0bcca2a7e009e93c970140b9e3bd8585856e8a82627a0ec8cd423
c75432ef6553397d43707b9a1de5acc84ad70871ae1af2bc6309f7aa8d315dc7
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cdfb2de5f6f91daedd33297cec6933443c83c8fdaab3dd95a5a2000bdaf4ee86
ce09e142aa35b61e878ec3f11231663342934b06b6615f5b3a1840868cf5828e
cf449169a76ce2d0701a05c05e2b4eeedd2260191a0e4afda511978bd9fdac99
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e0c99b75ac4215fc4a11276ce779711b880f4776ea9fce53f3427abe422f69
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
d50dd127af29572aa9720129f686699380d9c9f5fbec76825e9883efc83489f2
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
dd35300aa551a9b7ac4c3a748dc75b6c26c725a16aed34414adfeee9d8703348
e26bde04b5854abcfdc4d274cea7025074837cdb82bcc87dd0e77c0c8a5e67c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
e8557a5dfa86a99f5bb186107289009db210a147790b8769897579706cdff2d0
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
f13a6a82767d52a14dc1249f7bc42458b90de17faad1250bb84de08854d821ec
f202c7feba3b85147176363841983d3474f4536cb0cbf5d4eb4cae988f742466
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
f79805b07dd476b307facd24cd474fff1007d5241bc3a4aaba3f9bb2a63a5273
fc784915465b7915f274420a524f74751ed2eeb44b286b9773c8052016e2c267
fd0da0caa449d5f09b77a48f8eacc692fd62e0c5311c84975e592ee84cc7d102

www.jimshella.com Open in urlscan Pro 166.88.147.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

216 Requests

86 %HTTPS

29 %IPv6

21 Domains

24 Subdomains

19 IPs

5 Countries

30709 kBTransfer

31085 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.jimshella.com Open in urlscan Pro
166.88.147.42 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

86 %
HTTPS

29 %
IPv6

21
Domains

24
Subdomains

19
IPs

5
Countries

30709 kB
Transfer

31085 kB
Size

4
Cookies

216 HTTP transactions
0 data transactions