URL: http://amtta.xyz/
Submission: On August 27 via api from BD — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 71 HTTP transactions. The main IP is 104.233.142.144, located in Hacienda Heights, United States and belongs to PEGTECHINC, US. The main domain is amtta.xyz.
This is the only time amtta.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 104.233.142.144 54600 (PEGTECHINC)
3 108.171.249.205 40676 (AS40676)
30 2606:4700:20:... 13335 (CLOUDFLAR...)
5 52.223.7.154 16509 (AMAZON-02)
1 47.253.50.2 45102 (ALIBABA-C...)
2 16.163.165.53 16509 (AMAZON-02)
1 103.143.19.103 134760 (CHINANET-...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
71 9
Apex Domain
Subdomains
Transfer
30 tutu.finance
tk.tutu.finance
6 MB
25 amtta.xyz
amtta.xyz
4 MB
5 amtkfile.com
www.amtkfile.com
913 KB
3 tuku678.com
www.tuku678.com
593 KB
2 2020kj.com
zhibo.2020kj.com — Cisco Umbrella Rank: 915102
17 KB
2 51.la
sdk.51.la — Cisco Umbrella Rank: 65086
collect-v6.51.la — Cisco Umbrella Rank: 63430
13 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
32 KB
0 cdztkc.com Failed
tk2.cdztkc.com Failed
0 11121113.com Failed
11121113.com Failed
71 9
Domain Requested by
30 tk.tutu.finance amtta.xyz
25 amtta.xyz amtta.xyz
5 www.amtkfile.com amtta.xyz
3 www.tuku678.com amtta.xyz
2 zhibo.2020kj.com amtta.xyz
code.jquery.com
1 code.jquery.com zhibo.2020kj.com
1 collect-v6.51.la sdk.51.la
1 sdk.51.la amtta.xyz
0 tk2.cdztkc.com Failed amtta.xyz
0 11121113.com Failed amtta.xyz
71 10

This site contains links to these domains. Also see Links.

Domain
www.3amtt.xyz
582226.com
582229.com
135558.com
Subject Issuer Validity Valid
tuku678.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-07 -
2022-09-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-06 -
2023-05-06
a year crt.sh
amtkfile.com
Amazon
2022-06-17 -
2023-07-16
a year crt.sh
*.sjkj.com
ZeroSSL RSA Domain Secure Site CA
2022-08-16 -
2022-11-14
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh

This page contains 2 frames:

Primary Page: http://amtta.xyz/
Frame ID: 5C45CA926A956942D1E1842554EF654B
Requests: 68 HTTP requests in this frame

Frame: https://zhibo.2020kj.com:777/2020kj.html
Frame ID: 5ED1800BCC26F230B87280FFB2C61971
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

澳门头条

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

58 %
HTTPS

25 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

11208 kB
Transfer

11432 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
amtta.xyz/
71 KB
13 KB
Document
General
Full URL
http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/5.2.17 ASP.NET
Resource Hash
c0476a80b721b0dec87b4a6779984645a3598bce527121ce902655a29ce3c8c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Length
12631
Content-Type
text/html; charset=gb2312
Date
Sat, 27 Aug 2022 08:49:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
PHP/5.2.17 ASP.NET
style.css
amtta.xyz/style/
20 KB
5 KB
Stylesheet
General
Full URL
http://amtta.xyz/style/style.css
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
699f8d5f6bca1ad8154c2e9c4729de5c210d0e7fa8e9d724fd69de690d5a312d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"804b6fe9b4a1d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4997
media.css
amtta.xyz/style/
1 KB
775 B
Stylesheet
General
Full URL
http://amtta.xyz/style/media.css
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c3570d048dd297c058670212d6d2786d447cbbf76302d082613edb57b3a1b16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f959ede9b4a1d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
482
jquery-1.6.1.min.js
amtta.xyz/js/
89 KB
32 KB
Script
General
Full URL
http://amtta.xyz/js/jquery-1.6.1.min.js
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
642f9f0350e821af2dab25b9cba356e024c218e6937585cd11e676c2a33daabc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"804b6fe9b4a1d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32072
mgess.js
amtta.xyz/js/
5 KB
2 KB
Script
General
Full URL
http://amtta.xyz/js/mgess.js
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d2cc0913b5811da1c46c5dd96c9636d48d1f0489e82deb61eb9eb64b0ee82321

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"804b6fe9b4a1d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1262
respond.js
amtta.xyz/js/
9 KB
3 KB
Script
General
Full URL
http://amtta.xyz/js/respond.js
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e817975ec8ac62bed97dbd584a9f96fcb87c905e76cf75de4ceb2effc6d47242

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"804b6fe9b4a1d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2959
999.jpg
amtta.xyz/images/
54 KB
54 KB
Image
General
Full URL
http://amtta.xyz/images/999.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ce5ce59a13d75d9d44dc2ebd12cfb6697f6053838ea4be8727e9c3ca4d281640

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Fri, 05 Aug 2022 12:41:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"65c85ba5c8a8d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
55244
navico1.png
amtta.xyz/images/
9 KB
9 KB
Image
General
Full URL
http://amtta.xyz/images/navico1.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3fca505120ed64ec30cf41191e176d5ae7112bf3e4198c9afe9a49967c60f950

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f770ace9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8728
navico2.png
amtta.xyz/images/
11 KB
11 KB
Image
General
Full URL
http://amtta.xyz/images/navico2.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e58361d4cd4e2e4c8f5c0f62d88b88d7358643ae08893665a145cb8d2629131

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c4d3aee9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11031
navico3.png
amtta.xyz/images/
8 KB
8 KB
Image
General
Full URL
http://amtta.xyz/images/navico3.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a57e06e2a6a100e939493ed714c4b88e15d7ecd05b2e3f41f8bc4c8c1df14500

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c4d3aee9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8387
navico4.png
amtta.xyz/images/
12 KB
12 KB
Image
General
Full URL
http://amtta.xyz/images/navico4.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ef6ab331ae591d5d5a08b33d23db1eca26efdf3c9a72ca6d63b762f93ed423a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c4d3aee9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11933
navico5.png
amtta.xyz/images/
11 KB
11 KB
Image
General
Full URL
http://amtta.xyz/images/navico5.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
16b2984c535bc67b491c5230dd037a83b653d5e14a4ddb50331ca56ac7542392

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2536b1e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11385
navico6.png
amtta.xyz/images/
20 KB
20 KB
Image
General
Full URL
http://amtta.xyz/images/navico6.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
760777278b302e76dec86877f7157c8c0614ff6a59145b5afd8fc9b73074cbb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2536b1e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20249
ao.png
amtta.xyz/tu/
155 KB
155 KB
Image
General
Full URL
http://amtta.xyz/tu/ao.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
53c750e3f34d3ecde7cbe96a414e328da08e92d33c2df9d385cf8cf8b4aa67e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"60e3f6e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
158414
123123.gif
amtta.xyz/images/
2 KB
2 KB
Image
General
Full URL
http://amtta.xyz/images/123123.gif
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c25f7ae9b4a1d81:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2109
sz.gif
amtta.xyz/images/
2 KB
2 KB
Image
General
Full URL
http://amtta.xyz/images/sz.gif
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
69dc0ebabf27e7de29e5a9fba60301fa0e4c088f1224e24a8074159297f48b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"97dc9e9b4a1d81:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1652
gst.png
amtta.xyz/images/
137 KB
137 KB
Image
General
Full URL
http://amtta.xyz/images/gst.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ca667e3783c94c03b6d52b8ff793ab3a083973a951f298d5b5da6176ecb12300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Fri, 05 Aug 2022 12:41:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"e16faa4c8a8d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
139915
239.jpg
amtta.xyz/tu/pt/
206 KB
206 KB
Image
General
Full URL
http://amtta.xyz/tu/pt/239.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
753d99b88637220bea6d172d533c3c6cb7744f1552e2da33d14dc79eab605f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Fri, 26 Aug 2022 14:02:02 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"5bae996a54b9d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
210526
238.jpg
amtta.xyz/tu/pt/
211 KB
212 KB
Image
General
Full URL
http://amtta.xyz/tu/pt/238.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6b75c1dc00e979838165176e47081b2ec3fe8a2aa95586dc5cff899495dd05b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:26 GMT
Last-Modified
Thu, 25 Aug 2022 13:59:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"6207add8ab8d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
216356
237.jpg
amtta.xyz/tu/pt/
213 KB
213 KB
Image
General
Full URL
http://amtta.xyz/tu/pt/237.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0b52f11cb0595f914ddc47976421d8ea83a57df6407c1684ccec4daeadc6d6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:26 GMT
Last-Modified
Wed, 24 Aug 2022 13:53:13 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"b76848dac0b7d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
218089
fenlixian.gif
11121113.com/tu/
0
0

114103.jpg
www.tuku678.com/tkdata/amtuku/col/239/
138 KB
138 KB
Image
General
Full URL
https://www.tuku678.com/tkdata/amtuku/col/239/114103.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
108.171.249.205 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2f1c2565b53ca4fd621cbfcd4d09aef51c839c7ba6fd687031500546e2b4439a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:47:03 GMT
Last-Modified
Sat, 27 Aug 2022 05:09:52 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"1a173dd3b9d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
140936
impb.jpg
www.tuku678.com/tkdata/amtuku/col/239/
111 KB
112 KB
Image
General
Full URL
https://www.tuku678.com/tkdata/amtuku/col/239/impb.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
108.171.249.205 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
64f1398f15bff5ada3e079453197ffe457573ab44488e9501206cdde87c59500

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:47:03 GMT
Last-Modified
Sat, 27 Aug 2022 05:23:39 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"3089f2ad5b9d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
114165
fhtjt.jpg
www.tuku678.com/tkdata/amtuku/col/239/
343 KB
343 KB
Image
General
Full URL
https://www.tuku678.com/tkdata/amtuku/col/239/fhtjt.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
108.171.249.205 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
984d67122380ad08838deebb990833f111e4276e6ebc2ce4b7928d721a79ae0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:47:03 GMT
Last-Modified
Sat, 27 Aug 2022 05:10:25 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9177ae50d3b9d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
351218
tt38.jpg
tk.tutu.finance//aomen/2022/col/239/
164 KB
165 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2022/col/239/tt38.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d4a60fd74b29f0c4063608d127360c503c8bba520a65e904f1b406925b64dab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:22 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
168358
last-modified
Fri, 26 Aug 2022 16:28:58 GMT
server
cloudflare
etag
"db4a0f168b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rcrt%2F%2Fkp5OP70MMEHfSeEZ2U1nBFRW1uBAuqopyMgWCoRkOG2nrc55tXGDO4HELHCxzSOkq2pOUkoSmtOpvSFEyH30TXU%2Fv%2FcUy4D7tNhLms7GC2R%2BkcFPcu8phPJYUprYO3bBmjatDR0kJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
cf-polished
degrade=85, origSize=340245, status=webp_bigger
accept-ranges
bytes
cf-ray
74138daeb8e40f86-MXP
cf-bgj
imgq:85,h2pri
m41.jpg
tk.tutu.finance//aomen/2022//col/239/
936 KB
937 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2022//col/239/m41.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
117a4539568efdecb373cd8a1ea76678d2d2674c59591603e4ce5274f0f402f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 14:02:59 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"454acd8c54b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FPbuQYJ8sglamlrWpQYyZavlN014QUj%2FcI2O8mk2QMZh3aOTvGYhfTEuLAylSasSPsZTDm8sYk1a81WC8jnkfdxZHtyAY%2BxFBcw5VKkJCF%2Fair7rUPXjd0chD2sFXqi1SmvBOX%2BJROr7XrJFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138daeb8e60f86-MXP
content-length
958375
114115.jpg
www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/
262 KB
263 KB
Image
General
Full URL
https://www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/114115.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.7.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa0c5864fd1ce4ee4.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
57d456a0691375ad960c8b89abe208835232492f5a9ba1b0eac6ff3b69a272c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:22 GMT
last-modified
Fri, 26 Aug 2022 13:57:03 GMT
server
nginx/1.20.2
etag
"6308d12f-4189e"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
268446
expires
Sun, 28 Aug 2022 08:49:22 GMT
114101.jpg
www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/
212 KB
213 KB
Image
General
Full URL
https://www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/114101.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.7.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa0c5864fd1ce4ee4.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
109cb810d00ecf1fff1ffe717025059c2d777111acd2890c14785b78f4561f79

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:22 GMT
last-modified
Fri, 26 Aug 2022 13:57:00 GMT
server
nginx/1.20.2
etag
"6308d12c-350e3"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
217315
expires
Sun, 28 Aug 2022 08:49:22 GMT
11496.jpg
www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/
120 KB
121 KB
Image
General
Full URL
https://www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/11496.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.7.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa0c5864fd1ce4ee4.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
ebba3a40b243de6d5108f5f33eab9b5e4e28528938ffcdc6e136e079723d3f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:22 GMT
last-modified
Fri, 26 Aug 2022 13:56:59 GMT
server
nginx/1.20.2
etag
"6308d12b-1e0b8"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
123064
expires
Sun, 28 Aug 2022 08:49:22 GMT
114114.jpg
www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/
154 KB
154 KB
Image
General
Full URL
https://www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/114114.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.7.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa0c5864fd1ce4ee4.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
815c6af7299d45ed8c82e8b5f2f4a23f16a76f9477d58b1114d39bab2bcf8749

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:22 GMT
last-modified
Fri, 26 Aug 2022 13:57:02 GMT
server
nginx/1.20.2
etag
"6308d12e-267b1"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
157617
expires
Sun, 28 Aug 2022 08:49:22 GMT
114105.jpg
www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/
162 KB
163 KB
Image
General
Full URL
https://www.amtkfile.com/galleryfiles/system/big-pic/col/2022/239/114105.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.7.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa0c5864fd1ce4ee4.awsglobalaccelerator.com
Software
nginx/1.20.2 /
Resource Hash
818e79329569737f32ad198b589887ffd8042737b3dde77c63c4792d0e35f1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
last-modified
Fri, 26 Aug 2022 13:57:00 GMT
server
nginx/1.20.2
etag
"6308d12c-28873"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
166003
expires
Sun, 28 Aug 2022 08:49:23 GMT
sbxxj.jpg
tk2.cdztkc.com/col/239/
0
0

mgxs.jpg
tk.tutu.finance/aomen/2022/col/239/
127 KB
127 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/mgxs.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dbd2f7e40bcc792d6738b6024d295e6f1effc3de068d7cfe08149ca07b0389c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Sat, 27 Aug 2022 04:46:36 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"e1686dfdcfb9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqz4ULaYewXMqoh3xJbodei7e8ls7BXZo84CnAA8ZtaIQOUBIkcwiU2FD%2BHfcNLx3G%2FaTcDjHFEEZArTrq6KjgBugN%2FRtQzw7%2F2kEWysaYxJaDlOCEuLCJpPwNlwnhyqFoS6EIo0vZtLTzs0%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db7e9b50f86-MXP
content-length
130048
yct.jpg
tk.tutu.finance//aomen/2022/col/239/
240 KB
241 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2022/col/239/yct.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
49382853c920998741ffb58c10a986ae71bd01c9a01643181fd3085aaf941b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:12:17 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"9eadd9c66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuO781BqkLCW6J8YdB%2FiRDvy1mfkHzocXK%2F9yy7Xlcwlg98I%2BnBFadMDs65lc7eB1Fbs4ivv2E16hW7KTcBFLtBewiv%2F7UhtQ54Bv9JmN1xrZNM1gwQSOB567C0HgFVNivHjEeJdJzFcYYxiHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db7e9b60f86-MXP
content-length
245870
m42.jpg
tk2.cdztkc.com/col/239/
0
0

alalx18m.jpg
tk.tutu.finance/aomen/2022/col/239/
96 KB
97 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/alalx18m.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d20fbdbd4d1afa33d4159ace37d7c7ef05463b321cbd01378adf8c87f3638cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:25 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:11 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"bfc6985166b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYuDqq%2Fx1YNBTvHjHborIehYYnVtj7Gerz8BzeSPleL87OMADM84yZls9U7JfiRh%2FuVJ31UUfyilrCfWQhnqMKlM0AMT%2BX%2BwJ8992gVi7i2t5M9Z5nrJUOMFH8HZs%2Bz8VYnuQpc3UnRMpt5%2BAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db829f80f86-MXP
content-length
98688
yylm.jpg
tk.tutu.finance/aomen/2022/col/239/
96 KB
97 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/yylm.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a06fa100a97ae14ef836835f4c351352f1278cec14bb97eb25c392f6a07cfaf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
98558
last-modified
Fri, 26 Aug 2022 16:12:20 GMT
server
cloudflare
etag
"3cbd19e66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3ZUhzASJobYoANDMZMtXRtF8KdXm7iClh7XUZgfltHMRoSI76oMeaSOQk52CKVBT8q5ksBFdU%2B3%2BucfKc1xtZH3ztaVpu07KdpivFVgrXn37OF5iHH1cYuJZfVxZW8vF%2FrAuuv5hibG3cqc%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
cf-polished
degrade=85, origSize=134415, status=webp_bigger
accept-ranges
bytes
cf-ray
74138db829fc0f86-MXP
cf-bgj
imgq:85,h2pri
hdjr.jpg
tk.tutu.finance/aomen/2022/col/239/
142 KB
142 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/hdjr.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fd9ad908e4068ccedfee326a46ac1e35dd03f2af6ccf937f30ba8a5898d3ca2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:11:05 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"9894e87166b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIhbIeKf4u3OG0riTVXjCLLohhrtOTxxRZT%2B3wahyFu06hzH9pAQ2Yn5q7VBfh0CwwG2e4YAKOXCavz4En7TMGqGM%2F4FPn9LrbjM7MUHtvZoUu56mnP9k09ODDRptS3%2BEhKled1LWYDnSrihzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db829fd0f86-MXP
content-length
145071
qjzy.jpg
tk.tutu.finance/aomen/2022/col/239/
132 KB
132 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/qjzy.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fbca7e3dd442f30f27e8b42944185214a343629fa6bde20e34c2e83c5584feb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:25 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:11:42 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"e8322b8866b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqERE2gaV6OWWqH%2BqVQq0o5PiK5ZG0ZXk5gavrSjYhrgon2GJFpHjZawK378wtHXjaMN%2BLMfQf3gPI97Qhs33fh%2B5FmI4uOpDqcIoyGt8jZ9JeIY2tVIIUZuSX2EKsLHDgnzmF%2FukfQiDwh0ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db829fe0f86-MXP
content-length
134662
ampgt.jpg
tk.tutu.finance/aomen/2022/col/239/
259 KB
260 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/ampgt.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2d163843e069c11867d71abfca45ae1f7f03336a9f88420382f7540d829e55ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-disposition
inline; filename="ampgt.webp"
content-length
265094
last-modified
Fri, 26 Aug 2022 13:59:13 GMT
server
cloudflare
etag
"61fd0654b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uM2qoaiVVFtaxY1r5ILGnlO%2FZDQQvvZQBcg3%2Fu6XORKXyDG4z%2BLdqFYI9kLioHAP4oAp79MZtHXofwrYIt26xu%2Bk7%2B%2BWlsoGZRYJ9lukMeiKr8irUjPeN0OhtpYv1fyoG5B3A7HGT%2F%2FnUo1Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=7200
cf-polished
qual=85, origFmt=jpeg, origSize=517581
accept-ranges
bytes
cf-ray
74138db82a000f86-MXP
cf-bgj
imgq:85,h2pri
lbpgt.jpg
tk.tutu.finance/aomen/2022/col/239/
110 KB
110 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/lbpgt.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
98377171e64fa084f0cb1811af92790758a28d747921f21fbab21cd8b4e37d15

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Aug 2022 16:11:17 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"2041b27866b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAYijiEBCjB2zfpZEO6kHznf3Sm0LoAftIXevGH9ab5guI6U4H8JgB1f37s5cQkBzH4gBfsWb7knuznrRTDsdoqcJ5WMMkZAeS9lJ%2BJolXAKHu4UnaHhAaCJPysVRkWbIEoxUXUG6Vb1lnGclg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db82a020f86-MXP
content-length
112184
lpgt.jpg
tk.tutu.finance/aomen/2022/col/239/
135 KB
136 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/lpgt.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1775c8b7c8152285a222d8adab9bcc11c5ebd0cb59a1889ea931cc856fb8b300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Aug 2022 16:11:24 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"245b327d66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2W6EYd1SSa1iH31rTKLRup9lcbq7jcvwbEof1Q%2F9ka6PELVpuX024yLpNN4URMx7dk2ffLb%2BRMJXAL%2BtDe0eCv2lBZd%2B3sCU9IEGnUIXvUypg9tyFOTulT89M1UV7fu131x7yUAtEipgcthGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db82a050f86-MXP
content-length
138400
tm07.jpg
tk.tutu.finance/aomen/2022/col/239/
430 KB
431 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/tm07.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a854609608f6ed4ab4e54ed8e0c4a6572f51b477061aebe2758bbebcda2a4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Sat, 27 Aug 2022 04:45:33 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"305bedd7cfb9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdO%2F%2FVMr0Pd6bzaFm5QA3Sbs0pEwe0L6j0jInRT%2FeN%2FOrnHTcqs8HIHMrhm38QApNrncnhCzYO3%2FbhSYFghTx7wdoJDTkjqpD5kPod46V%2F40eZm%2BSCuv2Bfvnk2ynEtcf%2B60B1e6VdIDNcfmdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db82a060f86-MXP
content-length
440155
amgjp.jpg
tk.tutu.finance/aomen/2022/col/239/
129 KB
130 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/amgjp.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
233a5762dde7869a841e369df78049a9dc99731a167a46705363c4eb0be582bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:19 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"c4a605666b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cONJc6IQL%2FhIIsvQUDFVL9JLl8Bs0dCvYANXZpB%2FRVI%2Bqa%2B7XxCTtLP5z4%2FU%2FMarHRHGXDz5Ra7iKYLZOWpDLL%2FDlQ9nt%2Fr%2FqADjIkMZlFfi1ssyPy%2FJxI9KHQekjC15cxJqe8Qi3bYb%2FerdDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db82a080f86-MXP
content-length
132050
zdsc25.jpg
tk.tutu.finance/aomen/2022/col/239/
115 KB
116 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/zdsc25.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a5b48397f3b76d7fbe7a9570d88d409d88bae57620ee30c90c7316616167d2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Sat, 27 Aug 2022 04:45:43 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"b886a0ddcfb9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIltjvSJkpEBJ2q7lMtpLMVUJNhbF2DeX6m7swieoHqTYTiLY18xLIqyQNx5%2FViDDVsLKlxd5pvCCKjvn6%2Bb99XLXeWBBhQ21kmXSoACAVY00BaDJW2O1rVhup1DKJONHUw5xO4O%2Fpa0Nxf23g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db82a0a0f86-MXP
content-length
117836
amnrw.jpg
tk.tutu.finance/aomen/2022/col/239/
66 KB
66 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/amnrw.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f00eacbf969e325d18740d37de4705736617d56d5b031bbcdb3dcadbbd795b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:26 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"2b67ae5a66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By47gS1xEv5dCp5DdRqz7F27KU3zCey2XErNIxmaJtjm%2Bx5j4oarjsxBa8TTTa58hJ8wojFV0YdROma9F2vcpS5Vb5K%2FgZOSeGhkvr3dU0UQ7d8fZQQmfLbpRzbSh1W7gb8Vy9pXqQaj0Kg6Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a230f86-MXP
content-length
67588
nrw.jpg
tk.tutu.finance/aomen/2022/col/239/
512 KB
513 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/nrw.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fbdd1f9a34d05926ef69403c2b4223dcde1a82a421d84b986279a320782dc5f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:25 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:11:39 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"83b9d58566b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf%2BkRsUSmjnvSDxiBSFBoLX46wbAEhoc6eg3gaLOYVAORvK0FCZyhX6kBuNvS9%2B%2BREwFGBueDB8Dha9qzM7Mzhc5MrHho7P2%2F3pTpoD4CDPTyvpBNJv1HKfpsp7Jx6F2GjNpWR51MwX3ThlKhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a250f86-MXP
content-length
524050
amcsb.jpg
tk.tutu.finance/aomen/2022/col/239/
223 KB
224 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/amcsb.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d686bfe5ae44169ccbad794f85082c7e80e2337fd5834923710b57d10eeb6f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:14 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"17fe7b5366b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC9Y%2FiiubQrkpuy0rQB55IDHzDLpFxkzU2CmXgT%2FrejiDwC%2Bpb0Fjpl9c0yTj25Pwxgf3DOZ3hv9Vh0aCDmhuifDBVqXhKjaGHc6X9WPfb2VDfEYyV7ZSMjjVD3ta5RR5xIo7YTFykrs09hHpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a260f86-MXP
content-length
228481
ammhb.jpg
tk.tutu.finance/aomen/2022/col/239/
187 KB
188 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/ammhb.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b0952df589849e62340e9f5c9ba4e6fb6e1e30e5c8344f32c0dedc6de25c521a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:23 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"38a7f35866b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0RRXaxVe3NG3JlOrKnmIv%2FXZXVQ0hr%2Bf8p9zM3VYJZ2Pt9rV4KYirKkQTS1jxVCooVOTcMimnu8aFuUIPJEti9Mdx61fYT1rZtMLiVrPTm9TP2LY5uD6AaikDxL7OvVpZo%2BW%2F6vU0CvgTXm4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a280f86-MXP
content-length
191624
yjzy.jpg
tk.tutu.finance/aomen/2022/col/239/
124 KB
124 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/yjzy.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e17a4a21e7f2d326798fff910990476722745e16fd3b1a809dffa3c40f87ff04

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:12:17 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"cec289d66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItuL2V9C8KOckQrhCJ9IT6wrtAdUHHPwrn5ZPsrGxK8k%2B2qpmGyuVSyEFdoc3ssFdOtABkTQr%2FhMI%2BhDOx8ku2K2WiipkB10b8IN3IalIo4GnI%2Buyd4hRiC6%2FHp0W6XcQ79DlCBfxRD%2BTz8fUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a290f86-MXP
content-length
126607
c258.jpg
tk.tutu.finance/aomen/2022/col/239/
172 KB
173 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/c258.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b055272731e77eac1925b15de67ddf85c5768f01e5e129e90e0b481191e61176

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:26:07 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"201bb78b68b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mdx60HvVVonJIi%2FlBKmrgJJreFXKIkRgpgyxy8%2BBbYgu8XgjUGs7Gjm0pjvjAExBIzJWBr6m86qVVYjzx8I5fyD5IkWwXPhvAn13Rp5aL6G4vF6J8dNnJctG7S27EWGm%2BrzJ7TQDpf83jXWZ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a2a0f86-MXP
content-length
176425
hzlz.jpg
tk.tutu.finance/aomen/2022/col/239/
108 KB
109 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/hzlz.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eb16c041d8f12d3cedf268c9f5d5b8b9c14a124c98a852ecba5b7987bf50dab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:11:08 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"28e88d7366b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiWAeq6z5sNQf%2F9o7zWpOmkeBOjlZ19wcxK6JUhY%2Bc9sH3y%2Fu7vN3Mly6c1RcgoXl5WfMbsojvDUXxaQQGzzbviJU%2FSV%2F%2FkaLObCQ57u8CW4Kp08ebqmFELGS1a%2F9PoXK98Ny0vNlMF3f2wl8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a2b0f86-MXP
content-length
110989
amktzm.jpg
tk.tutu.finance/aomen/2022/col/239/
86 KB
87 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/amktzm.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
45b3715d770d81392589f0884af275bf78b81b9b435beba18acacd6e0f53e6e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:21 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"d8c4da5766b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj6kweE5YzvnR8h%2BNZdSgV9kqJ6G7oSsQfGMweez%2FjctqtyDIqvpZ3Ac12f4hvXsKzbJEQB6pVNWIhzCMHzhRfCPV%2FzLg7hz24SgTMcexUAVgyXcXZMsPDOOPzS240s6DdJUx2jztg5tQaDYmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a2e0f86-MXP
content-length
88171
ywfd.jpg
tk.tutu.finance/aomen/2022/col/239/
77 KB
77 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/ywfd.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdea827575f059061dbfd4d233193e1b9ab66392160c47aa50b6e47fb86528c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-length
78460
last-modified
Fri, 26 Aug 2022 16:12:19 GMT
server
cloudflare
etag
"52d43b9e66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt2QE5ChN8Bh0hRysmr5hWvYHkG9ENSX6mywHC8KTfoYv7378h0N2IV7DL9y8cvFXUyxNkCsNrDlQQbjvAGxLNBFp2UqGmN%2Fy0cKoIV16vSy0Pmd0dK7kIBmfMhzkvJX9CauDlMQH1AVuxLVSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
cf-polished
degrade=85, origSize=110828, status=webp_bigger
accept-ranges
bytes
cf-ray
74138db84a2f0f86-MXP
cf-bgj
imgq:85,h2pri
805.jpg
tk.tutu.finance/aomen/2022/col/239/
296 KB
297 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/805.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d705eb2c8bb95adb6a36057957f1e7495f25f2d9ea2e5088f1ad019a10d56dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 15:06:05 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"9d40175d5db9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTIRCHngwWt16osLy2J0XND3ofxVKbnxLRaNB8Wltd%2FqqjRoYM7x9B5xhl4ZzatFL9vzwEvKYgn233HB95f9mLCPVrRu707xn%2BdngpNTLxiLv0TYIvXG6D%2BZ2zLACEB2JNWWQnu1Q2DL9OzDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a300f86-MXP
content-length
302968
bb16.jpg
tk.tutu.finance/aomen/2022/col/239/
210 KB
211 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/bb16.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a03dfec532560014ea836557d6accf1957b7b36b0cd10a47d8c8a42bd0dc0310

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 13:56:26 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"4cd57ba253b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpjCJ3t6ywl2T%2BBD%2BC4xfkTu%2B%2FMn2ir%2BGOg9GjzBWyoGbumuy7%2B2lUNVf12FzMKXLGhZyQKCldTf6lv3WoNkBNzdCni%2BxweIASHwiMMORCE076MKG9Bs709OHy4aAQrTxoU3n%2BfRNfDwQNfhBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a310f86-MXP
content-length
215435
jxsm.jpg
tk.tutu.finance/aomen/2022/col/239/
122 KB
122 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/jxsm.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
33a430a94a63fb862c09d5984870101db87ac18d1c64f439a9a8c84d4451302b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
content-disposition
inline; filename="jxsm.webp"
content-length
124678
last-modified
Fri, 26 Aug 2022 16:11:14 GMT
server
cloudflare
etag
"15893c7766b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWbf4McxaKcGo3qmrlSrkZVe7nzlLce1PZKz2Dukq2iyuB9k6bZIa594OnYbQAU2pGAA%2FTSwCa99Lh%2B8GLfdB%2FIzzhtXTkD4nfa4Il8qIqespsha06wopU3sCrfyW6Q0fzLo9QTaEA60YhjWaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=7200
cf-polished
qual=85, origFmt=jpeg, origSize=162941
accept-ranges
bytes
cf-ray
74138db84a320f86-MXP
cf-bgj
imgq:85,h2pri
yql.jpg
tk.tutu.finance/aomen/2022/col/239/
160 KB
161 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/yql.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b4c249c98e70c1bc175664336f62298e9fccd662da439b037d6b300500d4b6ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Sat, 27 Aug 2022 04:46:40 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"dc5474ffcfb9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyVC6uDVbz3HqpCZzIVjrkyX%2FXzYbC2nuXgZLgiF86%2B663%2BBMmykJc%2Bn0J%2FMzwh8VLUqKBGw8ph10ieG2pfqaqfafXFqlowLuTsatfHRNI5NnZ%2BQcoGS%2FUZhCXE%2FBanPit1U1cm3np0qVek%2B3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a340f86-MXP
content-length
164303
amqlb.jpg
tk.tutu.finance/aomen/2022/col/239/
80 KB
81 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/amqlb.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c98b0174caa21677614a05dd27b7aff8b1e67849327531d528dda5b116792de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:30 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"89bfca5c66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcrJXC%2FKcKPlbuWVT7euSzKB2obEfzRsL3YmQ31wLF%2FtfXMqXBKyPj1HiQ5AgZIGl7mcVrhEDWeGOk7ghHmecKt7X5xHeJ%2BiZ%2F8stuYolZPF4g1kn4asRzfgVHDsMQa4pANSpD6cySSnK%2BH43Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a360f86-MXP
content-length
82267
ammh.jpg
tk.tutu.finance/aomen/2022/col/239/
56 KB
57 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/ammh.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
76627064f3a61951f6a44c474b08a4f3f9927c511f43e10b0c8d74a3cae7b2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:10:23 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"3491cd5866b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B81dBHzQ8wH1PEE5vv30CStYwDwPvdfxVrcR5eUmgeCn9DvPC0CzRl5NzKfvoL%2F0xPqjZGqKh37LPWAu6s0F0%2Bihv9HiNCdwnYo9uH5t7ojzT%2B9s6etxRoAt2y0sNRlG8KhYl%2FrCx8ul2o9yLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a380f86-MXP
content-length
57684
lhtt.jpg
tk.tutu.finance/aomen/2022/col/239/
202 KB
202 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2022/col/239/lhtt.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:457b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
17b40daf0d9d2feac3f1a1ce3c9305d2e5bc1f71741a69dfb29f02053c693f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 16:11:21 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"4993327b66b9d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ervv4JRNf60VcV1DbuFvvS87gOCbWaJADQHIWYlIGB8QCVUZ4E4XR9bbfpr1hMNGcJ%2BRZ655JGudon0qI8mepZZqD5PywE83N3x21zhozYpqRXe6XaJ8H1JU6avqNWlGSgZmb5iIWTH52HBFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
74138db84a390f86-MXP
content-length
206502
shengxiao.png
amtta.xyz/images/
2 MB
2 MB
Image
General
Full URL
http://amtta.xyz/images/shengxiao.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
db21e3a71ba3fd5528b575896daa935e6f807c1e8ef79bff2287ec09017e4d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:26 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2abc6e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2374192
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
http://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
HTTP/1.1
Server
47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Jul 2022 04:05:56 GMT
Server
openresty
ETag
W/"62d0e7a4-861a"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
Access-Control-Allow-Credentials
true
Connection
keep-alive
bg.jpg
amtta.xyz/images/
394 KB
394 KB
Image
General
Full URL
http://amtta.xyz/images/bg.jpg
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/style/style.css
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bc13395b9658e1f16798eafdaec6477f52070cf09ec8b834a045039b59ad2610

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0d58fe9b4a1d81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
403116
2020kj.html
zhibo.2020kj.com/ Frame 5ED1
37 KB
17 KB
Document
General
Full URL
https://zhibo.2020kj.com:777/2020kj.html
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
16.163.165.53 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-165-53.ap-east-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27a86e79b1963b4634b4e4c3f4dd2da5e9d19dc9aab5cfe3eb1c38571cc16e58

Request headers

Referer
http://amtta.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
17418
content-type
text/html
date
Sat, 27 Aug 2022 08:49:21 GMT
etag
"801681da2cb1d81:0"
last-modified
Tue, 16 Aug 2022 04:58:41 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
collect
collect-v6.51.la/v6/
0
391 B
XHR
General
Full URL
http://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: http://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://amtta.xyz
Date
Sat, 27 Aug 2022 08:49:23 GMT
Access-Control-Allow-Credentials
true
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cfl1-2.png
amtta.xyz/images/
2 KB
3 KB
Image
General
Full URL
http://amtta.xyz/images/cfl1-2.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/style/style.css
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a883bc04792acc9ebc1345c9f117f8e6b129cfab3a6f7690ebf0632b180e9bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0d58fe9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2512
cfl4.png
amtta.xyz/images/
4 KB
4 KB
Image
General
Full URL
http://amtta.xyz/images/cfl4.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/style/style.css
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ab4cfcd442ae228c2533edd8c7ca8ed791a82e0f9bf87a7552fe56164c099864

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"34fc96e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3886
cfl3.png
amtta.xyz/images/
3 KB
3 KB
Image
General
Full URL
http://amtta.xyz/images/cfl3.png
Requested by
Host: amtta.xyz
URL: http://amtta.xyz/style/style.css
Protocol
HTTP/1.1
Server
104.233.142.144 Hacienda Heights, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://amtta.xyz/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 08:49:25 GMT
Last-Modified
Wed, 27 Jul 2022 12:32:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"be9994e9b4a1d81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3044
jquery-1.10.2.min.js
code.jquery.com/ Frame 5ED1
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: zhibo.2020kj.com
URL: https://zhibo.2020kj.com:777/2020kj.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zhibo.2020kj.com:777/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:23 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-16bb3"
vary
Accept-Encoding
x-hw
1661590163.dop109.fr8.t,1661590163.cds108.fr8.hn,1661590163.cds272.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32788
i1i1i1i1i1l1l1l1l0.js
zhibo.2020kj.com/js/ Frame 5ED1
82 B
178 B
XHR
General
Full URL
https://zhibo.2020kj.com:777/js/i1i1i1i1i1l1l1l1l0.js?_=1661590163363
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
16.163.165.53 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-165-53.ap-east-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88bedcfc5d775aa8a3c73c9d990a7d746c21480bad3f515f27e48da3e05c33a0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://zhibo.2020kj.com:777/2020kj.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 08:49:21 GMT
last-modified
Sat, 27 Aug 2022 08:41:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
W/"403d6bdf0b9d81:0"
content-type
application/javascript
accept-ranges
bytes
content-length
82
truncated
/ Frame 5ED1
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1836a0027a45c7aa22fcec0954babdbea21e9fd686f13b7581e8cce9c5224eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5ED1
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33197024b06f488a6590409fdd724a85913851d54dba51a2ec5f8bf823a1011e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5ED1
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8943138e5f103988369b19e2e7825b4b565d3f1e56ce0b10f09354236af0851

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
11121113.com
URL
http://11121113.com/tu/fenlixian.gif
Domain
tk2.cdztkc.com
URL
https://tk2.cdztkc.com:4949/col/239/sbxxj.jpg
Domain
tk2.cdztkc.com
URL
https://tk2.cdztkc.com:4949/col/239/m42.jpg

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| ag_hidde function| hidde function| inner_hidde function| frm_iop object| respond function| topMao object| LA number| laWaitTime object| $this

5 Cookies

Domain/Path Name / Value
amtta.xyz/ Name: PHPSESSID
Value: 19c4c9c9bf14cb8926446462c46f6234
amtta.xyz/ Name: __vtins__JiidFa73dkWm1erN
Value: %7B%22sid%22%3A%20%22da951966-25c4-5813-bfee-c17e8c9f65c8%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201661591961646%2C%20%22ct%22%3A%201661590161646%7D
amtta.xyz/ Name: __51uvsct__JiidFa73dkWm1erN
Value: 1
amtta.xyz/ Name: __51vcke__JiidFa73dkWm1erN
Value: 6bdf8cc3-a3b3-57fb-a8bd-070c97ecd2f7
amtta.xyz/ Name: __51vuft__JiidFa73dkWm1erN
Value: 1661590161648

2 Console Messages

Source Level URL
Text
network error URL: https://tk2.cdztkc.com:4949/col/239/sbxxj.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tk2.cdztkc.com:4949/col/239/m42.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11121113.com
amtta.xyz
code.jquery.com
collect-v6.51.la
sdk.51.la
tk.tutu.finance
tk2.cdztkc.com
www.amtkfile.com
www.tuku678.com
zhibo.2020kj.com
11121113.com
tk2.cdztkc.com
103.143.19.103
104.233.142.144
108.171.249.205
16.163.165.53
2001:4de0:ac18::1:a:3a
2606:4700:20::ac43:457b
47.253.50.2
52.223.7.154
0b52f11cb0595f914ddc47976421d8ea83a57df6407c1684ccec4daeadc6d6bb
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
109cb810d00ecf1fff1ffe717025059c2d777111acd2890c14785b78f4561f79
117a4539568efdecb373cd8a1ea76678d2d2674c59591603e4ce5274f0f402f8
16b2984c535bc67b491c5230dd037a83b653d5e14a4ddb50331ca56ac7542392
1775c8b7c8152285a222d8adab9bcc11c5ebd0cb59a1889ea931cc856fb8b300
17b40daf0d9d2feac3f1a1ce3c9305d2e5bc1f71741a69dfb29f02053c693f7f
1836a0027a45c7aa22fcec0954babdbea21e9fd686f13b7581e8cce9c5224eff
233a5762dde7869a841e369df78049a9dc99731a167a46705363c4eb0be582bf
27a86e79b1963b4634b4e4c3f4dd2da5e9d19dc9aab5cfe3eb1c38571cc16e58
2d163843e069c11867d71abfca45ae1f7f03336a9f88420382f7540d829e55ac
2f1c2565b53ca4fd621cbfcd4d09aef51c839c7ba6fd687031500546e2b4439a
33197024b06f488a6590409fdd724a85913851d54dba51a2ec5f8bf823a1011e
33a430a94a63fb862c09d5984870101db87ac18d1c64f439a9a8c84d4451302b
3a854609608f6ed4ab4e54ed8e0c4a6572f51b477061aebe2758bbebcda2a4ee
3fca505120ed64ec30cf41191e176d5ae7112bf3e4198c9afe9a49967c60f950
45b3715d770d81392589f0884af275bf78b81b9b435beba18acacd6e0f53e6e6
49382853c920998741ffb58c10a986ae71bd01c9a01643181fd3085aaf941b32
4e58361d4cd4e2e4c8f5c0f62d88b88d7358643ae08893665a145cb8d2629131
53c750e3f34d3ecde7cbe96a414e328da08e92d33c2df9d385cf8cf8b4aa67e5
57d456a0691375ad960c8b89abe208835232492f5a9ba1b0eac6ff3b69a272c3
642f9f0350e821af2dab25b9cba356e024c218e6937585cd11e676c2a33daabc
64f1398f15bff5ada3e079453197ffe457573ab44488e9501206cdde87c59500
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00
699f8d5f6bca1ad8154c2e9c4729de5c210d0e7fa8e9d724fd69de690d5a312d
69dc0ebabf27e7de29e5a9fba60301fa0e4c088f1224e24a8074159297f48b76
6b75c1dc00e979838165176e47081b2ec3fe8a2aa95586dc5cff899495dd05b7
753d99b88637220bea6d172d533c3c6cb7744f1552e2da33d14dc79eab605f34
760777278b302e76dec86877f7157c8c0614ff6a59145b5afd8fc9b73074cbb5
76627064f3a61951f6a44c474b08a4f3f9927c511f43e10b0c8d74a3cae7b2c9
815c6af7299d45ed8c82e8b5f2f4a23f16a76f9477d58b1114d39bab2bcf8749
818e79329569737f32ad198b589887ffd8042737b3dde77c63c4792d0e35f1f1
88bedcfc5d775aa8a3c73c9d990a7d746c21480bad3f515f27e48da3e05c33a0
8d20fbdbd4d1afa33d4159ace37d7c7ef05463b321cbd01378adf8c87f3638cd
98377171e64fa084f0cb1811af92790758a28d747921f21fbab21cd8b4e37d15
984d67122380ad08838deebb990833f111e4276e6ebc2ce4b7928d721a79ae0b
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac
a03dfec532560014ea836557d6accf1957b7b36b0cd10a47d8c8a42bd0dc0310
a06fa100a97ae14ef836835f4c351352f1278cec14bb97eb25c392f6a07cfaf0
a57e06e2a6a100e939493ed714c4b88e15d7ecd05b2e3f41f8bc4c8c1df14500
a5b48397f3b76d7fbe7a9570d88d409d88bae57620ee30c90c7316616167d2ac
a883bc04792acc9ebc1345c9f117f8e6b129cfab3a6f7690ebf0632b180e9bb3
ab4cfcd442ae228c2533edd8c7ca8ed791a82e0f9bf87a7552fe56164c099864
b055272731e77eac1925b15de67ddf85c5768f01e5e129e90e0b481191e61176
b0952df589849e62340e9f5c9ba4e6fb6e1e30e5c8344f32c0dedc6de25c521a
b4c249c98e70c1bc175664336f62298e9fccd662da439b037d6b300500d4b6ad
bc13395b9658e1f16798eafdaec6477f52070cf09ec8b834a045039b59ad2610
bdea827575f059061dbfd4d233193e1b9ab66392160c47aa50b6e47fb86528c9
c0476a80b721b0dec87b4a6779984645a3598bce527121ce902655a29ce3c8c6
c3570d048dd297c058670212d6d2786d447cbbf76302d082613edb57b3a1b16e
c8943138e5f103988369b19e2e7825b4b565d3f1e56ce0b10f09354236af0851
c98b0174caa21677614a05dd27b7aff8b1e67849327531d528dda5b116792de1
ca667e3783c94c03b6d52b8ff793ab3a083973a951f298d5b5da6176ecb12300
ce5ce59a13d75d9d44dc2ebd12cfb6697f6053838ea4be8727e9c3ca4d281640
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d2cc0913b5811da1c46c5dd96c9636d48d1f0489e82deb61eb9eb64b0ee82321
d4a60fd74b29f0c4063608d127360c503c8bba520a65e904f1b406925b64dab8
d686bfe5ae44169ccbad794f85082c7e80e2337fd5834923710b57d10eeb6f96
d705eb2c8bb95adb6a36057957f1e7495f25f2d9ea2e5088f1ad019a10d56dd9
db21e3a71ba3fd5528b575896daa935e6f807c1e8ef79bff2287ec09017e4d16
dbd2f7e40bcc792d6738b6024d295e6f1effc3de068d7cfe08149ca07b0389c4
e17a4a21e7f2d326798fff910990476722745e16fd3b1a809dffa3c40f87ff04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e817975ec8ac62bed97dbd584a9f96fcb87c905e76cf75de4ceb2effc6d47242
eb16c041d8f12d3cedf268c9f5d5b8b9c14a124c98a852ecba5b7987bf50dab2
ebba3a40b243de6d5108f5f33eab9b5e4e28528938ffcdc6e136e079723d3f4c
ef6ab331ae591d5d5a08b33d23db1eca26efdf3c9a72ca6d63b762f93ed423a6
f00eacbf969e325d18740d37de4705736617d56d5b031bbcdb3dcadbbd795b7a
fbca7e3dd442f30f27e8b42944185214a343629fa6bde20e34c2e83c5584feb1
fbdd1f9a34d05926ef69403c2b4223dcde1a82a421d84b986279a320782dc5f1
fd9ad908e4068ccedfee326a46ac1e35dd03f2af6ccf937f30ba8a5898d3ca2f