www.sagitco.com Open in urlscan Pro
38.63.1.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sagitco.com/
Effective URL:
http://www.sagitco.com/
Submission: On July 11 via api (July 11th 2022, 1:02:55 am UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 23 domains to perform 266 HTTP transactions. The main IP is 38.63.1.109, located in United States and belongs to PEGTECHINC, US. The main domain is www.sagitco.com.

This is the only time www.sagitco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	38.63.1.109 38.63.1.109	54600 (PEGTECHINC) (PEGTECHINC)
1	39.156.68.163 39.156.68.163	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	136.0.141.3 136.0.141.3	18779 (EGIHOSTING) (EGIHOSTING)
6	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
38	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	136.0.141.5 136.0.141.5	18779 (EGIHOSTING) (EGIHOSTING)
2	112.90.153.42 112.90.153.42	136959 (UNICOM-FU...) (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network)
5	103.170.15.20 103.170.15.20	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
5	20.239.77.42 20.239.77.42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	20.239.153.86 20.239.153.86	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	103.170.15.96 103.170.15.96	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
12	45.61.212.125 45.61.212.125	53587 (AZT) (AZT)
7	118.107.46.234 118.107.46.234	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
7	220.128.218.220 220.128.218.220	3462 (HINET Dat...) (HINET Data Communication Business Group)
7	2606:4700:303... 2606:4700:3030::6815:12ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.253.108.99 52.253.108.99	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	103.170.15.111 103.170.15.111	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	45.61.212.225 45.61.212.225	53587 (AZT) (AZT)
2	103.170.15.71 103.170.15.71	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	47.75.19.38 47.75.19.38	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	162.209.201.60 162.209.201.60	40065 (CNSERVERS) (CNSERVERS)
17	2606:4700:303... 2606:4700:3030::ac43:b6cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	182.61.201.93 182.61.201.93	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
266	25

4 38.63.1.109 (United States) 1 redirects

ASN54600 (PEGTECHINC, US)

sagitco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sagitco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.68.163 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.0.141.3 (United States)

ASN18779 (EGIHOSTING, US)

136.0.141.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

klx42.zhgm8jglhk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.learning8809.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 136.0.141.5 (United States)

ASN18779 (EGIHOSTING, US)

www.gg123456789gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 112.90.153.42 (China)

ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.170.15.20 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

vecukb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.239.77.42 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0477.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.239.153.86 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

32653562.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.170.15.96 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

bob4915.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.61.212.125 (United States)

ASN53587 (AZT, US)

jcyunk2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xox8863.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bob5379.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 118.107.46.234 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

yyzbtg01.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 220.128.218.220 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 220-128-218-220.hinet-ip.hinet.net

taiwtp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3030::6815:12ae (United States)

ASN13335 (CLOUDFLARENET, US)

sb.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.253.108.99 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0404.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n0399.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.111 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

bob4942.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.225 (United States)

ASN53587 (AZT, US)

xox8889.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.71 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

xox8956.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.38 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

701.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.209.201.60 (United States)

ASN40065 (CNSERVERS, US)

sdjigd56c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:b6cf (United States)

ASN13335 (CLOUDFLARENET, US)

tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	gg123456789gg.com www.gg123456789gg.com	2 MB
30	learning8809.com lb.learning8809.com	29 KB
24	learning8808.com sb.learning8808.com tk.learning8808.com Failed	17 MB
8	zhgm8jglhk.com klx42.zhgm8jglhk.com	60 KB
8	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 66055 hm.baidu.com — Cisco Umbrella Rank: 7790 api.share.baidu.com — Cisco Umbrella Rank: 48124	36 KB
7	taiwtp1.com taiwtp1.com — Cisco Umbrella Rank: 284371	1 MB
7	yyzbtg01.cc yyzbtg01.cc	1 MB
5	xox8863.com xox8863.com	3 MB
5	jcyunk2.com jcyunk2.com — Cisco Umbrella Rank: 740474	2 MB
5	bob4915.com bob4915.com — Cisco Umbrella Rank: 613326	2 MB
5	32653562.com 32653562.com	1 MB
5	n0477.com n0477.com — Cisco Umbrella Rank: 655012	1 MB
5	vecukb.com vecukb.com	434 KB
4	n0404.com n0404.com Failed	132 KB
4	51.la js.users.51.la — Cisco Umbrella Rank: 60541 Failed ia.51.la — Cisco Umbrella Rank: 53210	6 KB
4	sagitco.com 1 redirects sagitco.com www.sagitco.com	4 KB
2	sdjigd56c.com sdjigd56c.com Failed	320 KB
2	aliyuncs.com 701.oss-cn-hongkong.aliyuncs.com Failed	584 KB
2	xox8956.com xox8956.com Failed	27 KB
2	xox8889.com xox8889.com — Cisco Umbrella Rank: 345039 Failed	59 KB
2	bob5379.com bob5379.com — Cisco Umbrella Rank: 674509 Failed	237 KB
2	bob4942.com bob4942.com Failed	379 KB
2	n0399.com n0399.com Failed	100 KB
266	23

	Domain	Requested by
100	www.gg123456789gg.com	klx42.zhgm8jglhk.com
30	lb.learning8809.com	klx42.zhgm8jglhk.com
22	tk.learning8808.com	lb.learning8809.com klx42.zhgm8jglhk.com
8	klx42.zhgm8jglhk.com	www.sagitco.com klx42.zhgm8jglhk.com
7	taiwtp1.com	klx42.zhgm8jglhk.com lb.learning8809.com
7	yyzbtg01.cc	klx42.zhgm8jglhk.com lb.learning8809.com
6	hm.baidu.com	www.sagitco.com klx42.zhgm8jglhk.com
5	xox8863.com	klx42.zhgm8jglhk.com lb.learning8809.com
5	jcyunk2.com	klx42.zhgm8jglhk.com lb.learning8809.com
5	bob4915.com	klx42.zhgm8jglhk.com lb.learning8809.com
5	32653562.com	klx42.zhgm8jglhk.com lb.learning8809.com
5	n0477.com	klx42.zhgm8jglhk.com lb.learning8809.com
5	vecukb.com	klx42.zhgm8jglhk.com lb.learning8809.com
4	n0404.com	lb.learning8809.com klx42.zhgm8jglhk.com
3	www.sagitco.com	www.sagitco.com
2	ia.51.la	klx42.zhgm8jglhk.com
2	sdjigd56c.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	701.oss-cn-hongkong.aliyuncs.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	xox8956.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	xox8889.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	bob5379.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	bob4942.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	n0399.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	sb.learning8808.com	lb.learning8809.com
2	js.users.51.la	www.sagitco.com klx42.zhgm8jglhk.com
1	api.share.baidu.com	www.sagitco.com
1	push.zhanzhang.baidu.com	www.sagitco.com
1	sagitco.com	1 redirects
266	28

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.learning8809.com E1	`2022-06-17` - `2022-09-15`	3 months	crt.sh
www.gg123456789gg.com R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
vecukb.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
n0477.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
32653562.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
bob4915.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
jcyunk2.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-03-21`	a year	crt.sh
xox8863.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
www.yyzbtg01.cc R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
taiwtp1.com R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
*.learning8808.com E1	`2022-06-17` - `2022-09-15`	3 months	crt.sh
n0404.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
n0399.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
bob4942.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
bob5379.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
xox8889.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
xox8956.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
dsiauhf22.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-10` - `2022-08-10`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.sagitco.com/
Frame ID: AAB88BD6C4EE61B9C2515D85F5C0DB24
Requests: 10 HTTP requests in this frame

Frame: https://klx42.zhgm8jglhk.com/
Frame ID: DF298D297546C50154F168DA755F258D
Requests: 124 HTTP requests in this frame

Frame: https://klx42.zhgm8jglhk.com/
Frame ID: CD3C7CF5F0596A10AFDA2A5AB48E6A04
Requests: 132 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

三亚缆魄医疗科技有限公司三亚缆魄医疗科技有限公司

Page URL History Show full URLs

http://sagitco.com/ HTTP 301
http://www.sagitco.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

266
Requests

88 %
HTTPS

13 %
IPv6

23
Domains

28
Subdomains

25
IPs

6
Countries

32962 kB
Transfer

33363 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sagitco.com/ HTTP 301
http://www.sagitco.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

266 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sagitco.com/
Redirect Chain

http://sagitco.com/
http://www.sagitco.com/

3 KB
1 KB

1035ms
166ms

Document
text/html

38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 860b3b34607079cc4092b537b77998403d7eda0e0ca004c5977d569bcc519443

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 11 Jul 2022 01:02:22 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 11 Jul 2022 01:02:21 GMT
Location: http://www.sagitco.com/
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.sagitco.com/ 4 KB
2 KB 179ms
179ms Script
application/x-javascript 38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/common.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: d26298e53439e37511c0fb08df9a0924244d8f75ea898de79d9ae215d38898f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.sagitco.com/ 364 B
520 B 176ms
176ms Script
application/x-javascript 38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/tj.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 99d585f6806983ff7bb2661d2faf828373656603eb9188d0ced326515b9b4d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 364
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 1787ms
1392ms Script
text/javascript 39.156.68.163
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 39.156.68.163 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Tue, 11 Jul 2023 01:02:24 GMT

GET
H/1.1 200
OK chabi-common.php Show response
136.0.141.3/ 69 B
535 B 327ms
164ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/chabi-common.php?val=chabi4&t=0.9614020822713019?v=07786824298873867
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK chabi-common.php Show response
136.0.141.3/ 69 B
535 B 329ms
165ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/chabi-common.php?val=chabi4&t=0.9815886961309004?v=070847529603705
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1096ms
421ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?10e44e3c6edee82d823051e24349004b

Requested by

Host: www.sagitco.com
URL: http://www.sagitco.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9aafeaa03b44b57673f1ec6b07714da2831c33afa8803c6abdc45cd44c8d9650

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:23 GMT
Content-Encoding: gzip
Server: apache
Etag: 2da48d5052acdde7043d4d16ba698004
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11342

GET 21279169.js
js.users.51.la/ 0
0

GET
H2 200 / Show response
klx42.zhgm8jglhk.com/ Frame DF29 43 KB
7 KB 658ms
507ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a4d6defb0807c524acbcd4843ce8eade9b4763818f2b6984e92e3a04b10662

Request headers

Referer: http://www.sagitco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728d9d022e0590e8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Jul 2022 01:02:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jCrMJKbs89A1VRaxCbUl5hpdQGkcZ3ha38a3n7ToVw8u9AOoSIX6Q%2BdueSnKv6sFTgQq7an9m3O41Cr42t9agcqHib7Uut%2BzP9ZThJOSGkCzBtSBa%2BEjT174EQk2oD9znFfB81fGxTvRUsinbn9SkbCVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
klx42.zhgm8jglhk.com/ Frame CD3C 43 KB
7 KB 661ms
511ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a4d6defb0807c524acbcd4843ce8eade9b4763818f2b6984e92e3a04b10662

Request headers

Referer: http://www.sagitco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728d9d022e0690e8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Jul 2022 01:02:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVJnsUqhuOBvUjamn01oBdWxPxwtoGKnOIla4Sj2P2k27v1SHyxBaJ0wykw5J09rgh66SVDcmI06P7u2jXlfPq9ZRs4nfB%2FILZJ6EQjU1cxyIG%2FLVHEAM6PDKxbsR3NYbOaKzqw1%2Fp%2BPyUgWqjv03scoZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ate.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame DF29 74 KB
5 KB 26ms
24ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okHvxv3YKDK%2FFeXEruVNxjPOdh94MLWTkyZTTdEx%2FMHOo6na%2Bolk4mu1ofAYRc0FbR33yX66h5ZS6y7w6htYt20BfeGsI6WvGohC8q6hh11outzFm5Wek91tVdA2heDRvARCrfwLhfvFuT%2F%2Bx00Yae7Rew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d056fb590e8-FRA
expires: Mon, 11 Jul 2022 11:58:48 GMT

GET
H2 200 zui.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame DF29 84 KB
16 KB 27ms
26ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
server: cloudflare
etag: W/"623f1f38-14f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIRvfzvwugm7kyjWqVCmryi5N3FuAeLMyhCNSwzTJdpburKuIU2e59GV9Zx6tUw4Vk2zhUK%2BrfLniFgLjuIvAWTI12RgdI2Eye02FFYM90Lvzt24VQS9Y16CaHd8L3Kw3eu%2FYIJbR%2BfFDZPfDQ6rxbKmmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d056fb690e8-FRA
expires: Mon, 11 Jul 2022 12:02:58 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 3 KB
1 KB 135ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9919c48077207bb93df2ae5c47dadfe3d3db323d46702aa62ebcc093c93153bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:19 GMT
server: cloudflare
etag: W/"62ca6f67-bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95SpxbynxlaPwmuCWDcpoykYEGCMhbNdFdgbVFZMkGkZKu%2BQhxxSYH6AxmZsvtVuqHiPEqtizKuD3%2F6QS%2FcPW3oSIxpRpDUu48Aw%2FvGc%2FIWeUp26TLFSUMFGnK1tGz8dgTy5NB8Z3%2FgCE33oL%2Bl1wQUX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a6d9259-FRA
expires: Mon, 11 Jul 2022 10:52:55 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 2 KB
705 B 128ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEaQJuCrf%2BogqpkMrlWEijDRausv1YhPid7ccJjuJUIFm8Rh77Vxebf4PPCwkpQc%2B%2Bx57B3j8T2XPKLGqp79kCgTR%2FczOa%2BuwTEg7M%2FMVSpS%2Bb64hhNPc%2FIqWtN6vvJIEAhRHHv1NnyB282myaZ4bYX3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a719259-FRA
expires: Mon, 11 Jul 2022 11:28:18 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 11 KB
1 KB 130ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9575baec4ff44eb2a9700beb0313456e2bd99d32dde705007eb8837d548917cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-2b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZYNNIM78cmvQRSl%2F86ggt%2BaZyp8Kii8olILCs5EESAzsHSCnTMN3kRMdUjl6jb%2Bt%2BkWZbEvUgf3qTq8gZiXwU%2B5b07fTf4eX4V9JIJtSRlXyL4El%2BLriwkjxknkwYaPSLXr0KwlMEOKWwZudj3%2B67uu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a729259-FRA
expires: Mon, 11 Jul 2022 10:57:35 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 2 KB
877 B 131ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230a01af63bbad4a2c1f60b5f1a0336027feb4395cd127ab5a3b83fc38c1fa59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:25 GMT
server: cloudflare
etag: W/"62ca6f6d-945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CETgMCP%2F57bxTRTnwLp752iscnPRxpiX687QrGpncw8jTGkLfgWbChgz71MGE4uUo%2B6Z55w%2FLEoPktyL9q0%2FBsbmXWPTIFx8lhByL0kJX2eod0hrtZztCiyyRxV%2Bp0YjekxGBOH0JeaarPMyBZLDE2Ou"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a749259-FRA
expires: Mon, 11 Jul 2022 11:28:18 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 6 KB
1 KB 128ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e297c65d0e9f0ac54f129f69040e74c7c29c5b515f07377d77b61ea0e26e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-1628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTdKkb0o%2BvFYeDMpf2neYdoKeaTAuxWoTbvIfyuZe2Oh00q03tDE%2B38TowBSg83qZqYNsqLlxqpMEHwc2%2BHjlhEsesHdX9U4cNzJKwAq5Dbc0wOAha%2FZzii9Xh32CRcG5%2FmNvScgNyO%2B2auSswrflRiO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a759259-FRA
expires: Mon, 11 Jul 2022 11:41:44 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1 KB
626 B 129ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 382be919c25db8460cb8d031daf012683c1f318026787081de572170e6be003b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzUZ5erpQncAnki8P1KYJInh%2F5efX9SP6iJA7U7BmckbaORyl82IjnOMeJeeyrIDIenTIeTGV5dDU8mbGp%2B%2B%2BK3K1RdrAX3z1ccjz%2FW%2FfFI%2B7Bd2BoWCKt3MM4qGE10ZwqbIBaafnRWU5oLXH7ApFW7g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a769259-FRA
expires: Mon, 11 Jul 2022 11:28:19 GMT

GET
H2 200 f3b3483baf724d42682f4838b5f5b5c6.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 10 KB
10 KB 1471ms
330ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f3b3483baf724d42682f4838b5f5b5c6.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

12848eca8a8b499eff31128b20e1a760268b7891370f8f6b9accb56f9eff7c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-288b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10379
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 eeafcab579d5ef795a8ff3eaaf2f28a1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 9 KB
9 KB 1638ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/eeafcab579d5ef795a8ff3eaaf2f28a1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f5b3eb5923f88e39672d3be70f839230bbcdd1fbaa78b6a16b07d3dd43e7b2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-23be"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9150
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 17c82e72490fe25e24b49395686ead64.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 1638ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/17c82e72490fe25e24b49395686ead64.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

432d04d1f6e16570ce4f6127583834645c382c3e270b021d1576e8e713065ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-2b16"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11030
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 02e58fda7dfae5b7b54aba7e5c6886db.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 1638ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/02e58fda7dfae5b7b54aba7e5c6886db.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e370c8d760ffe4dab5abc27ef3df543f0367e9caf9d636fe749778d9f9edb4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-2ead"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11949
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 5cfb2b72ea3af757242e98f3b24da38a.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 14 KB
14 KB 1638ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5cfb2b72ea3af757242e98f3b24da38a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

06a80d5dbb5d46db0047e23fa95032229a4a0bb3a548dbc1edaa4866bba22776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-366d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13933
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 35f8b9f82638709f72b0e77a3db35d6d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 23 KB
24 KB 1638ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/35f8b9f82638709f72b0e77a3db35d6d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e009fc04603e4ebdddd92a14479b41d96feec3e0fd7bb253f8c0514544f707fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-5dec"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24044
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 98359bd8b97b19f8aef8d7dfc008358f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 18 KB
18 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/98359bd8b97b19f8aef8d7dfc008358f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

82849ce6266621aedf79cf0f6aa7830c19b2f0143e8bc50d2336e1057bd438b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-46f4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18164
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 0b49fd2c9e8919d24095f9ae6654b75b.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 18 KB
18 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/0b49fd2c9e8919d24095f9ae6654b75b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

9f300557e18d586adc4f8f2ea5de5f2466df7797f5d00f810895809cde0b057c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-473d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18237
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 f4d1b5b438e75281f774ab93349009a3.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f4d1b5b438e75281f774ab93349009a3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8735db91b8bb4f3d9b2b66bd6d0fa23d6edbf040c0a6681de0f2c99e9d4e96ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:04 GMT
server: nginx
etag: "62ca55cc-301b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12315
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 bb44d753e51dce17b25c5d89d9f6868f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 6 KB
7 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bb44d753e51dce17b25c5d89d9f6868f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ac0e9defaa47d1cfb006b2c9adc432657a78508733d0b87620af0cb24f103c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:04 GMT
server: nginx
etag: "62ca55cc-1964"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6500
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1 KB
943 B 72ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t%2Bc084S1w%2FDNG%2BNHKBUWzHJrj%2BM%2FAdCVm366%2F4eb6F1PzyJSiGog4xupM3D3YdB37IVNfWi1zOEHmensW%2FtlvsutHfQlWPqhxmpd041gsa8S5bfOHU2hjEcOfzKzt23uyEDuKnWeID4BAJrlFPP05Kj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c8e9bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 5650e8e8e9381e8f2fa387057b716661.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 15 KB
15 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5650e8e8e9381e8f2fa387057b716661.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3ac3aad5ec7f8c52e9dea11498d74555fa160c761cd1a6d0483ebbec531e3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:11 GMT
server: nginx
etag: "62ca55d3-3afe"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15102
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 b0c59dad22d4f8625765e226e27121cd.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 367ms
364ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/b0c59dad22d4f8625765e226e27121cd.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fe496755c594831ed259ad475844bd43cd64da748b551ca16b7cb2cfed2f73a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:11 GMT
server: nginx
etag: "62ca55d3-2bf5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11253
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 bfcd179c56ea2205b1c650968af8a820.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 8 KB
8 KB 367ms
365ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bfcd179c56ea2205b1c650968af8a820.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

800fc876f0c4117de57ac691f2b558740eeed29b6b1522721b20d3601d16cbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-20bb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8379
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 af6c136461076bfd12e4793d4ba029d9.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 10 KB
10 KB 368ms
365ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/af6c136461076bfd12e4793d4ba029d9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b152cdbaa6d52c9dad37398233d5e3402b6b6572d9874341a80301da77bef65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-27a3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10147
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 6eb3a7475eb61c48208a1f87eff1cc8e.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 368ms
365ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/6eb3a7475eb61c48208a1f87eff1cc8e.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

84b8e5e32e37501371faef98a425ebdbfb520288241e025736d3cb34aa1d6618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-3056"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12374
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 24c79f6406b8ef4a3e876163b9f1793d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 368ms
365ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/24c79f6406b8ef4a3e876163b9f1793d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a51cc577da532ea4bd7809b31ee22a0085f713040b9b6539d606b4966d70ed05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-2c5e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11358
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 44862abc68e40a61bc9b5e644de99727.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 21 KB
21 KB 372ms
369ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/44862abc68e40a61bc9b5e644de99727.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

320e3871cd42eb21886cfc4069ea895cf691be0413263a046f1b12a75646f095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-543d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21565
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 c145ef46837cfb9319ab01ee9af9ed7a.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 17 KB
17 KB 372ms
369ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c145ef46837cfb9319ab01ee9af9ed7a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

af83a1651a8c45650c53a7ea66b625afdea60ed1a3e67f5a2d7d51a562e7ed81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-4254"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16980
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 d8fc3566baed44683e9675e49cb483fa.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
12 KB 372ms
370ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/d8fc3566baed44683e9675e49cb483fa.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d49aaed32d580ad12a688f0d79a39e047335ea715677181851622ef6335a78c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-2d60"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11616
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 449cc19519626c9bd3274f4a5c4768e1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 8 KB
9 KB 372ms
370ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/449cc19519626c9bd3274f4a5c4768e1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0deceb48aff8e713f2eacfef80b4197b2be117a4ef3053429d3b5fe64a63b207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-216d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8557
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1 KB
942 B 88ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31Wqhv57ln2wsLnCcWc7yM%2FNTbs%2F%2B9V6FWWxhSg3Boc89wfAejyETfTU%2FK64K8zXjyCHNqtANPxTawVxs%2FRtkzqMy4icHOOasjfi832%2FKJ26n3wRRk6yxHnb3v9bT0InAznWfQT24rcb25SSmew9OnxX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c8f9bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 7ac0cec07b76ff3b0850c4cea9c6a4b7.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 373ms
370ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/7ac0cec07b76ff3b0850c4cea9c6a4b7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1bbafb81b6ec00be79d17979ed4fce95ec049306c3836feaf66e552b4fcf595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-2bcd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11213
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 d0c8206db19e6435222e5b22cdfe3415.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 373ms
370ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/d0c8206db19e6435222e5b22cdfe3415.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

824074f3bcb68d4f3139841bb3d04621e4fd4e153d86b839cc531f11d9321d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-2bd3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11219
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 b841fec565042539e014dd6170dc12f4.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 373ms
370ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/b841fec565042539e014dd6170dc12f4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99d7d5953a3e93a0617381d8de374c3df78a7ab74e2b72f833f1b69ce08c0419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-30f9"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12537
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 5d969b45b2ed4ff2e4f57d1891343718.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 374ms
371ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5d969b45b2ed4ff2e4f57d1891343718.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e75726247b62381768e281afd8c815b43910dbc2bcf1f9702a552230fc4c9fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-2af5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10997
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 8642a2df64c98946c5684ad786e80765.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
12 KB 374ms
371ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/8642a2df64c98946c5684ad786e80765.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

faffda3fa955b4e738adf6934c888fdcec87880a26857877aa3c8aeaf6b7c8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-2db6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11702
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 98dfd320b9a2699dd5cbceb00252504f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 10 KB
10 KB 374ms
372ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/98dfd320b9a2699dd5cbceb00252504f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e10fee6bf229960fe624dc46cdb5be700406911a31864bfb830b904bc0c736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-26c4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9924
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 66f345350bc84c92864d4df040bc3dc5.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 8 KB
8 KB 374ms
372ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/66f345350bc84c92864d4df040bc3dc5.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35660a4103d23c526fd8b7c7ba1618368fb4f69c10039b515c4f4d3b6ff752d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-1e4d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7757
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 a03b9d1a1dec74a1693afe1c19cbc9ef.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 376ms
373ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/a03b9d1a1dec74a1693afe1c19cbc9ef.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d17972380b648eb2282b833ec849ca46ffb85d715b7f87e56e41cb991bacd9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-310d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12557
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 40944deef329e29f86a5a54fd33b92ba.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 9 KB
9 KB 376ms
373ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/40944deef329e29f86a5a54fd33b92ba.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

052407f8e59e225e051cd57823f3d81f3baea0fcc826814e3e865ae380124f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-24a4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9380
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 63b6fe0d73f68b5fbb45d192cedfe3f1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 16 KB
16 KB 376ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/63b6fe0d73f68b5fbb45d192cedfe3f1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

00a9acf2656bd5e695da4599930e72a98b74b00c7b944019135561fce8df64e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-3f37"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16183
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1001 B
927 B 70ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WngrA083OxTGkIvBosV3erIpPhsgTC5T0dQXfwjqit9mj%2FLEp%2By%2BvOtIpV1hfTWk%2BavhomkEePFvb6me%2FIc0gCQy3Tb1ZOVKVJEAXXNHfp36Ad0%2BAFDmqYWqr1fQsPndu8E8bKZxWVFCptj0ggkMpVRu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c859bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 c4096f4ae8d1d9483a11c231608fa66d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 376ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c4096f4ae8d1d9483a11c231608fa66d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d46b141505ab73ecec9d79295e8cdb2332944f50502144007e4a195b228427a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-311c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12572
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 9b01310e628dfab7bcd272fe4c568cd0.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 17 KB
18 KB 376ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/9b01310e628dfab7bcd272fe4c568cd0.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63060f7715b504cc0d95a9bdc5598e4cf29927a259ad3e1f6ddb2463ea8fa2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-45c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17857
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 6675001314ae36e6e1f18bd9c8e70744.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 15 KB
15 KB 376ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/6675001314ae36e6e1f18bd9c8e70744.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8f50465e9570b638a1763935613b33cc543c25563e4199b8973bf69ed2cd18e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-3ca1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15521
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 bcaffd4830987bfb0722b410b27ddc87.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 15 KB
15 KB 377ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bcaffd4830987bfb0722b410b27ddc87.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

544b35d43202d727d8a99c3f3d0e675cc534aacda03d8edd95fa7199c75e24d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-3a78"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14968
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 87ab716b5b2a0e4d4583ae915832f2a9.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 377ms
374ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/87ab716b5b2a0e4d4583ae915832f2a9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c6986b3983434bd54c9a229705abbc137c607c1bf352bfe863a35d7dc8639920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-2ac1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10945
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 1a807e840e552c8ce3a3ffb895c0bc61.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 12 KB
12 KB 377ms
375ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/1a807e840e552c8ce3a3ffb895c0bc61.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4c181b1c63b5faa7f3eac7837e9bdae4042b681f2eae56f38c704f257e87ffcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2eb2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11954
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 ffa014687e2c9a6c7d9dfa77a10171f7.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 11 KB
11 KB 377ms
375ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/ffa014687e2c9a6c7d9dfa77a10171f7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

acc7ca3596dd546e1b6e146afe5ceb58525adbb7a51e0ae7e71c9f7ce7c3c6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2abd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10941
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 c4121759dc2447c9128ac43fc6c9c5cc.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 13 KB
13 KB 377ms
375ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c4121759dc2447c9128ac43fc6c9c5cc.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77d41f75f9667370277b6f3e3266f4abea6d5ed7966e06f65e3fad511477b953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-3232"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12850
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 08cfdbe19e035d19e95c4d42afe592a4.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 9 KB
10 KB 378ms
375ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/08cfdbe19e035d19e95c4d42afe592a4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d25d6737172533d10e54109bf263732076933e2e73c007717f405bbe8f6d0d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-25b5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9653
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 f04fee3eec9e73242a2fe1a080c5532b.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame DF29 10 KB
11 KB 378ms
376ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f04fee3eec9e73242a2fe1a080c5532b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e40d9b49cb8659d53e49ec5115e0333b305e8d819ca6e0b2eb9b38482d4f86cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2948"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10568
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1002 B
928 B 68ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtRw23FtoLNcvZedjxpZxbhnLJ4O0tJs2y194yJtNdJG%2Fok9lgAnVtFoU8YNKm60xWTMIIshjLDsPaxbHypNN5%2BkXOCmexK3%2FuIGuvU6PJ0qekqyQzwTjMx18VlAwpWbhqBMqE7Sb9Ozdb6CiGgNvcYU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c869bc8-FRA
expires: Mon, 11 Jul 2022 09:59:12 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame DF29 12 KB
13 KB 378ms
376ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame DF29 14 KB
14 KB 378ms
376ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame DF29 15 KB
15 KB 378ms
376ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame DF29 32 KB
32 KB 378ms
376ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame DF29 33 KB
33 KB 379ms
377ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame DF29 23 KB
23 KB 379ms
377ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame DF29 12 KB
12 KB 379ms
377ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame DF29 18 KB
18 KB 379ms
377ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame DF29 75 KB
75 KB 379ms
377ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 55f2e1214732097f562ed85779e1649b.jpg
www.gg123456789gg.com//upload/vod/20220514-1/ Frame DF29 48 KB
48 KB 380ms
378ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sat, 14 May 2022 04:30:23 GMT
server: nginx
etag: "627f305f-be75"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48757
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 415 B
836 B 68ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-19f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAiwA5qfNutmFQigSShiOUwCM9nP51SmlYProyCUMrgfGavfCCmPSYlD6jBYzLUVyeQUgWsGnyPNq5bIEWjaJCstISHftuHpGlOKUh7R25qM3XCuoJE7o7T1tmwRRz%2FYZzWU0odWv4ei%2B%2FiwPfstujmn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c879bc8-FRA
expires: Mon, 11 Jul 2022 10:52:32 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 433 B
857 B 72ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVF0wUlg7xWkmvB1PX0t1aP1dYd%2Fd83DGC1OGwXPUa%2F7eUezDfw2WT%2F3qwzJXKZMuvWJrrnysSBGJCMFu0AqZ%2F22572ycFDwKikPJYa6LyCrhFuoR9Ln1J9imAoupyADaX1grYgF5P54G6XlN08nmbW7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c889bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 951 B
893 B 87ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
server: cloudflare
etag: W/"62a9711e-3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1zLkSHrq4%2Fs%2FXldDdpK4d4m7UJiLqfEpolxmkmE0iILCxGyxZfTT0foE8cd0qxXCH5XoIL3owYMxKeXVBFjyjprwIqc0e6eSwWv8hIeB9P5FyEHrM6ElNYTCPqy4QoJ5U69F4rEglkSxGb%2BNlHYQpt9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c899bc8-FRA
expires: Mon, 11 Jul 2022 10:52:32 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 2 KB
1 KB 69ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230a01af63bbad4a2c1f60b5f1a0336027feb4395cd127ab5a3b83fc38c1fa59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7398
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:30 GMT
server: cloudflare
etag: W/"62ca6f72-945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h7j6nyV7UN0MybdqS5KuPiRqckVSTvxFOiWX1lgPOyvZzXd4F6ohbQANCsOzwhjQQfb1gkPPChk2aPvKHbPGa49W%2BEvTE0BlEEqgWjyalx6iC%2F2sj8QKYOgxuGncCRFHV%2B%2Bl7Ok1%2F4d9GWkDlpe6SB0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c8a9bc8-FRA
expires: Mon, 11 Jul 2022 10:59:05 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame DF29 1 KB
1 KB 69ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
server: cloudflare
etag: W/"623976e8-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AM2E9VnPPbXu9eLMwPs3UNOO3OPeuJ2kyMjNde5%2Fa5mTyGVq%2FagnlEj9jOVXmMGUdl%2Bd%2FJhcciYv0CZfUNTDJA2jTpI%2BBec9wNgiB9nOTlFBRQOanDHGgmr0UeubIM6cF86cr1SvwF56k0fhdZWqMf3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c839bc8-FRA
expires: Mon, 11 Jul 2022 09:48:37 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame DF29 5 KB
3 KB 248ms
239ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:23 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 ate.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame CD3C 74 KB
5 KB 38ms
23ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FI5MEH9CRAM8PMpp8LdCUlCxiukW5TJ%2FnJgzpadyryz1W3%2BlMNj7jzgqfSLbkJhbhCKaeV85LadwAwzNKDKzkBO5Z77SiJ08QKE6XxLolK%2FWCoiBpBzSLcuEoMZcmo4KXATHYxMhvgBmKmltMDgS8fCcgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d05a80b90e8-FRA
expires: Mon, 11 Jul 2022 11:58:48 GMT

GET
H2 200 zui.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame CD3C 84 KB
16 KB 40ms
26ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
server: cloudflare
etag: W/"623f1f38-14f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkzfScb6OptsLvX17U9SXOcjVfEHTfk2hknKfydQaZy8yp9rEoUi5S0JzcuWuM%2BKUgCU385NKYdPKm3RnBNWVJBv0itKHu7kMcx5LXCfamRP0ngiU%2BU0dmsepnEVL02rPV%2Bhs3u0REDOpSY%2FOtjtCWis1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d05a80c90e8-FRA
expires: Mon, 11 Jul 2022 12:02:58 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 3 KB
1 KB 108ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9919c48077207bb93df2ae5c47dadfe3d3db323d46702aa62ebcc093c93153bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:19 GMT
server: cloudflare
etag: W/"62ca6f67-bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbbOWNAUPgGQTFCMz4cNug3LnI9mYGxPLQzn0%2B7%2FtVqnXdkrY5TwRN%2FzGKCrSaje3L7NDvr8WA5a%2FSV2g%2BHdVJgDAzNvtrfbt50BfR41V3FDHDpimScpNTfT5jzIKamRwpGtLvtbuDainuY5Y4WpkeY3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a789259-FRA
expires: Mon, 11 Jul 2022 10:52:55 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 2 KB
701 B 122ms
40ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaIrqjs%2B%2FkwcgUw96XpSHUyCxvlfB%2BYFP%2FMucTQQpIj839Y%2BYiBPLB3SXPq1AsCI2FkCQJeURPrDp32616aoUpEVHYHdcYrvKe6hWQmlmPe7N90tIMNFm3cxrARySyqpEQoGKQW3w2YJgbtD2n3HdYwJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d062a8d9259-FRA
expires: Mon, 11 Jul 2022 11:28:18 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 11 KB
1 KB 121ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9575baec4ff44eb2a9700beb0313456e2bd99d32dde705007eb8837d548917cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-2b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIMDIJJX%2BXbwZ5bOw7I3YXBBNaWk%2FoEHnGheys2WQ%2BR9TscfjteI7RZQ02%2FRoxZuvptn56NRxX2s%2Fds3suvZyOtY%2BAo27RK2bSUXRSe%2F7oJgVUGD9MIfUUIMHhMHtJH5Y%2BUYLOCuGZtrB7i1x%2FIqnzju"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d062a8c9259-FRA
expires: Mon, 11 Jul 2022 10:57:35 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 2 KB
845 B 120ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230a01af63bbad4a2c1f60b5f1a0336027feb4395cd127ab5a3b83fc38c1fa59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:25 GMT
server: cloudflare
etag: W/"62ca6f6d-945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8G6KUeM8G%2BUyWhvBbO34iv7Cu61adQNPF%2FBOcB8Jv0xphW6n7etA78%2FhOAIABxcc2R6fWXkl3ltG1Zj1yhMtAKT47VvTPn3TVkh13A4uxGgrzK8ZV2XRRb7RQG%2FwHl8j345jYjrvv%2B18DA5n5EzbLMX%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d062a8b9259-FRA
expires: Mon, 11 Jul 2022 11:28:18 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 6 KB
1 KB 120ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e297c65d0e9f0ac54f129f69040e74c7c29c5b515f07377d77b61ea0e26e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-1628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Huc7p1H92ANMpEhpX9MyRNVORwg%2BIuU7Mt4PsiNDd0k6gPjukdt%2BS7berncoEA%2F2prdFkGw1sVGXaeq1slJHRraworbff6%2BScXDtp9KHni7a%2BYwXzHsgztIsK8rtbUtLCM2itjFnDra29%2BM66kdEhDcF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d062a889259-FRA
expires: Mon, 11 Jul 2022 11:41:44 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1 KB
961 B 105ms
24ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 382be919c25db8460cb8d031daf012683c1f318026787081de572170e6be003b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Jul 2022 10:47:12 GMT
server: cloudflare
etag: W/"62c56830-425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj6Qfj7EtaBNrjsEn8JOoVA1q%2Bge7WzecSEmcA%2FX5Ern8kx8yjN7srXYRGFxT%2BGh8TeOl1hs84gMO0KS32yHrfS7n8X%2BdsnTFjd%2BZ5Nfpn1TIeSRWtqcA7SWy3%2Fq47LBqqKuIkpMWiDUZe4Ei55Fzr8B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d061a779259-FRA
expires: Mon, 11 Jul 2022 11:28:19 GMT

GET
H2 200 f3b3483baf724d42682f4838b5f5b5c6.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 10 KB
10 KB 1628ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f3b3483baf724d42682f4838b5f5b5c6.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

12848eca8a8b499eff31128b20e1a760268b7891370f8f6b9accb56f9eff7c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-288b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10379
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 eeafcab579d5ef795a8ff3eaaf2f28a1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 9 KB
9 KB 1627ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/eeafcab579d5ef795a8ff3eaaf2f28a1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f5b3eb5923f88e39672d3be70f839230bbcdd1fbaa78b6a16b07d3dd43e7b2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-23be"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9150
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 17c82e72490fe25e24b49395686ead64.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 1625ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/17c82e72490fe25e24b49395686ead64.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

432d04d1f6e16570ce4f6127583834645c382c3e270b021d1576e8e713065ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-2b16"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11030
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 02e58fda7dfae5b7b54aba7e5c6886db.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 1624ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/02e58fda7dfae5b7b54aba7e5c6886db.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e370c8d760ffe4dab5abc27ef3df543f0367e9caf9d636fe749778d9f9edb4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:06 GMT
server: nginx
etag: "62ca55ce-2ead"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11949
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 5cfb2b72ea3af757242e98f3b24da38a.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 14 KB
14 KB 1460ms
331ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5cfb2b72ea3af757242e98f3b24da38a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

06a80d5dbb5d46db0047e23fa95032229a4a0bb3a548dbc1edaa4866bba22776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-366d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13933
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 35f8b9f82638709f72b0e77a3db35d6d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 23 KB
24 KB 1625ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/35f8b9f82638709f72b0e77a3db35d6d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e009fc04603e4ebdddd92a14479b41d96feec3e0fd7bb253f8c0514544f707fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-5dec"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24044
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 98359bd8b97b19f8aef8d7dfc008358f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 18 KB
18 KB 455ms
449ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/98359bd8b97b19f8aef8d7dfc008358f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

82849ce6266621aedf79cf0f6aa7830c19b2f0143e8bc50d2336e1057bd438b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-46f4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18164
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 0b49fd2c9e8919d24095f9ae6654b75b.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 18 KB
18 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/0b49fd2c9e8919d24095f9ae6654b75b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

9f300557e18d586adc4f8f2ea5de5f2466df7797f5d00f810895809cde0b057c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:05 GMT
server: nginx
etag: "62ca55cd-473d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18237
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 f4d1b5b438e75281f774ab93349009a3.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f4d1b5b438e75281f774ab93349009a3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8735db91b8bb4f3d9b2b66bd6d0fa23d6edbf040c0a6681de0f2c99e9d4e96ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:04 GMT
server: nginx
etag: "62ca55cc-301b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12315
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 bb44d753e51dce17b25c5d89d9f6868f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 6 KB
7 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bb44d753e51dce17b25c5d89d9f6868f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ac0e9defaa47d1cfb006b2c9adc432657a78508733d0b87620af0cb24f103c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:04 GMT
server: nginx
etag: "62ca55cc-1964"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6500
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1 KB
981 B 67ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmoUBjszpmHaEyBccA7PjXxcDkN2JhALaztFC1DFFKxl5HFe%2FYMxEJKezKTb6AiXkvpJ1ycjzv7c6E7SfdDoRtBiI4B1zN1r%2Bc%2B%2BQwpR1TFII%2FcN%2B393VR%2BKa2WV%2FbRbEehiNIotMwe4fBF2pHMrPsjJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c819bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 5650e8e8e9381e8f2fa387057b716661.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 15 KB
15 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5650e8e8e9381e8f2fa387057b716661.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

3ac3aad5ec7f8c52e9dea11498d74555fa160c761cd1a6d0483ebbec531e3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:11 GMT
server: nginx
etag: "62ca55d3-3afe"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15102
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 b0c59dad22d4f8625765e226e27121cd.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/b0c59dad22d4f8625765e226e27121cd.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fe496755c594831ed259ad475844bd43cd64da748b551ca16b7cb2cfed2f73a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:11 GMT
server: nginx
etag: "62ca55d3-2bf5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11253
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 bfcd179c56ea2205b1c650968af8a820.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 8 KB
8 KB 455ms
450ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bfcd179c56ea2205b1c650968af8a820.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

800fc876f0c4117de57ac691f2b558740eeed29b6b1522721b20d3601d16cbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-20bb"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8379
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 af6c136461076bfd12e4793d4ba029d9.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 10 KB
10 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/af6c136461076bfd12e4793d4ba029d9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b152cdbaa6d52c9dad37398233d5e3402b6b6572d9874341a80301da77bef65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-27a3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10147
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 6eb3a7475eb61c48208a1f87eff1cc8e.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/6eb3a7475eb61c48208a1f87eff1cc8e.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

84b8e5e32e37501371faef98a425ebdbfb520288241e025736d3cb34aa1d6618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-3056"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12374
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 24c79f6406b8ef4a3e876163b9f1793d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/24c79f6406b8ef4a3e876163b9f1793d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a51cc577da532ea4bd7809b31ee22a0085f713040b9b6539d606b4966d70ed05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-2c5e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11358
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 44862abc68e40a61bc9b5e644de99727.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 21 KB
21 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/44862abc68e40a61bc9b5e644de99727.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

320e3871cd42eb21886cfc4069ea895cf691be0413263a046f1b12a75646f095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:10 GMT
server: nginx
etag: "62ca55d2-543d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21565
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 c145ef46837cfb9319ab01ee9af9ed7a.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 17 KB
17 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c145ef46837cfb9319ab01ee9af9ed7a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

af83a1651a8c45650c53a7ea66b625afdea60ed1a3e67f5a2d7d51a562e7ed81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-4254"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16980
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 d8fc3566baed44683e9675e49cb483fa.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
12 KB 456ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/d8fc3566baed44683e9675e49cb483fa.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d49aaed32d580ad12a688f0d79a39e047335ea715677181851622ef6335a78c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-2d60"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11616
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 449cc19519626c9bd3274f4a5c4768e1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 8 KB
9 KB 457ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/449cc19519626c9bd3274f4a5c4768e1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0deceb48aff8e713f2eacfef80b4197b2be117a4ef3053429d3b5fe64a63b207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:09 GMT
server: nginx
etag: "62ca55d1-216d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8557
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1 KB
939 B 70ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvFbCDhe9T3omdBOeXpSceJg4Ltu%2BubnXottoCSciMZcbnRT8qE76nAbgKUfgCb3w1PKP313N%2BIGPFj04Cap2CitOYNIJTSuCgZBDx0l%2FWd%2BgjWckZ5qVsUQ93d3Syfgk9D4Cldkmi8TTAuJ1gjFIZ8m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c829bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 7ac0cec07b76ff3b0850c4cea9c6a4b7.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 457ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/7ac0cec07b76ff3b0850c4cea9c6a4b7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1bbafb81b6ec00be79d17979ed4fce95ec049306c3836feaf66e552b4fcf595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-2bcd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11213
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 d0c8206db19e6435222e5b22cdfe3415.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 457ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/d0c8206db19e6435222e5b22cdfe3415.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

824074f3bcb68d4f3139841bb3d04621e4fd4e153d86b839cc531f11d9321d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-2bd3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11219
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 b841fec565042539e014dd6170dc12f4.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 457ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/b841fec565042539e014dd6170dc12f4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

99d7d5953a3e93a0617381d8de374c3df78a7ab74e2b72f833f1b69ce08c0419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:24 GMT
server: nginx
etag: "62ca55e0-30f9"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12537
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 5d969b45b2ed4ff2e4f57d1891343718.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 457ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/5d969b45b2ed4ff2e4f57d1891343718.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e75726247b62381768e281afd8c815b43910dbc2bcf1f9702a552230fc4c9fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-2af5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10997
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 8642a2df64c98946c5684ad786e80765.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
12 KB 500ms
495ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/8642a2df64c98946c5684ad786e80765.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

faffda3fa955b4e738adf6934c888fdcec87880a26857877aa3c8aeaf6b7c8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-2db6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11702
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 98dfd320b9a2699dd5cbceb00252504f.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 10 KB
10 KB 500ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/98dfd320b9a2699dd5cbceb00252504f.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e10fee6bf229960fe624dc46cdb5be700406911a31864bfb830b904bc0c736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-26c4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9924
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 66f345350bc84c92864d4df040bc3dc5.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 8 KB
8 KB 501ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/66f345350bc84c92864d4df040bc3dc5.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35660a4103d23c526fd8b7c7ba1618368fb4f69c10039b515c4f4d3b6ff752d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:23 GMT
server: nginx
etag: "62ca55df-1e4d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7757
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 a03b9d1a1dec74a1693afe1c19cbc9ef.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 501ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/a03b9d1a1dec74a1693afe1c19cbc9ef.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d17972380b648eb2282b833ec849ca46ffb85d715b7f87e56e41cb991bacd9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-310d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12557
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 40944deef329e29f86a5a54fd33b92ba.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 9 KB
9 KB 501ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/40944deef329e29f86a5a54fd33b92ba.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

052407f8e59e225e051cd57823f3d81f3baea0fcc826814e3e865ae380124f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-24a4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9380
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 63b6fe0d73f68b5fbb45d192cedfe3f1.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 16 KB
16 KB 501ms
496ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/63b6fe0d73f68b5fbb45d192cedfe3f1.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

00a9acf2656bd5e695da4599930e72a98b74b00c7b944019135561fce8df64e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:22 GMT
server: nginx
etag: "62ca55de-3f37"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16183
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1001 B
930 B 89ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw%2B4SByNAPrenL2JzAy6YC2mTq9jYGQl0CVP5%2FOrmuo%2FsNB%2BhpD8OrS0S7%2Fcz8TZdz7mKFY1IbtcCAC2GGfJr4ZEFD3FpW34uxAdkkqibg6cJSBVraovTkIu%2F171sw5YzHBT3k1rvBDSoIkHiEyLO%2Bpb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c939bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H2 200 c4096f4ae8d1d9483a11c231608fa66d.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 501ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c4096f4ae8d1d9483a11c231608fa66d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d46b141505ab73ecec9d79295e8cdb2332944f50502144007e4a195b228427a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-311c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12572
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 9b01310e628dfab7bcd272fe4c568cd0.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 17 KB
18 KB 501ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/9b01310e628dfab7bcd272fe4c568cd0.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63060f7715b504cc0d95a9bdc5598e4cf29927a259ad3e1f6ddb2463ea8fa2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-45c1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17857
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 6675001314ae36e6e1f18bd9c8e70744.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 15 KB
15 KB 501ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/6675001314ae36e6e1f18bd9c8e70744.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8f50465e9570b638a1763935613b33cc543c25563e4199b8973bf69ed2cd18e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-3ca1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15521
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 bcaffd4830987bfb0722b410b27ddc87.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 15 KB
15 KB 501ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/bcaffd4830987bfb0722b410b27ddc87.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

544b35d43202d727d8a99c3f3d0e675cc534aacda03d8edd95fa7199c75e24d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-3a78"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14968
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 87ab716b5b2a0e4d4583ae915832f2a9.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 502ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/87ab716b5b2a0e4d4583ae915832f2a9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c6986b3983434bd54c9a229705abbc137c607c1bf352bfe863a35d7dc8639920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:14 GMT
server: nginx
etag: "62ca55d6-2ac1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10945
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 1a807e840e552c8ce3a3ffb895c0bc61.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 12 KB
12 KB 502ms
497ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/1a807e840e552c8ce3a3ffb895c0bc61.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4c181b1c63b5faa7f3eac7837e9bdae4042b681f2eae56f38c704f257e87ffcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2eb2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11954
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 ffa014687e2c9a6c7d9dfa77a10171f7.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 11 KB
11 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/ffa014687e2c9a6c7d9dfa77a10171f7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

acc7ca3596dd546e1b6e146afe5ceb58525adbb7a51e0ae7e71c9f7ce7c3c6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2abd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10941
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 c4121759dc2447c9128ac43fc6c9c5cc.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 13 KB
13 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/c4121759dc2447c9128ac43fc6c9c5cc.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77d41f75f9667370277b6f3e3266f4abea6d5ed7966e06f65e3fad511477b953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-3232"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12850
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 08cfdbe19e035d19e95c4d42afe592a4.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 9 KB
10 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/08cfdbe19e035d19e95c4d42afe592a4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d25d6737172533d10e54109bf263732076933e2e73c007717f405bbe8f6d0d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-25b5"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9653
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 f04fee3eec9e73242a2fe1a080c5532b.jpg
www.gg123456789gg.com//upload/vod/20220710-1/ Frame CD3C 10 KB
11 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220710-1/f04fee3eec9e73242a2fe1a080c5532b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e40d9b49cb8659d53e49ec5115e0333b305e8d819ca6e0b2eb9b38482d4f86cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 10 Jul 2022 04:30:13 GMT
server: nginx
etag: "62ca55d5-2948"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10568
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1002 B
932 B 89ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwFNSxQrOvbJaF%2FsMvUUgE000WbvbkMb5fiy4Ky5RSlvLgWgYvxO2UvrdKvjL5AOAnxxP8%2FIZk72vxRlzFB0LuFgMOjBQu45M%2FWd3xNpoIrf9Wlz%2BXrOOe61CzWPz5bpwErm3dIBqPJieNfI6b%2BSfL1u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c949bc8-FRA
expires: Mon, 11 Jul 2022 09:59:12 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame CD3C 12 KB
13 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame CD3C 14 KB
14 KB 502ms
498ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame CD3C 15 KB
15 KB 503ms
499ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame CD3C 32 KB
32 KB 503ms
499ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame CD3C 33 KB
33 KB 503ms
499ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame CD3C 23 KB
23 KB 507ms
503ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame CD3C 12 KB
12 KB 507ms
503ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame CD3C 18 KB
18 KB 507ms
503ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame CD3C 75 KB
75 KB 508ms
504ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 55f2e1214732097f562ed85779e1649b.jpg
www.gg123456789gg.com//upload/vod/20220514-1/ Frame CD3C 48 KB
48 KB 508ms
504ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Sat, 14 May 2022 04:30:23 GMT
server: nginx
etag: "627f305f-be75"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48757
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 415 B
832 B 89ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-19f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xTer9ejkCUMPaqk8L128fAi0EgVjosSEanwGo6aVk3t8poqowZgYAXBvzlTiRS7uFsscKnrGxfTiBwQoFc483vsrxa5HHdVajDJRp7SwKJn4HNGljJBzqU0RbOMam2ASXK8TQtPRmP%2Bmwn0PchQG3gH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c959bc8-FRA
expires: Mon, 11 Jul 2022 10:52:32 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 433 B
859 B 71ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7767
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs6x4pSqxvNJMk1Xu64E9uFfySaYQKB4gaJ6UiILd5bGePLnf%2FnFxzlhGWp3gUbkOQ8JPC1XkOqnsG0SolKOTm%2BDAVbbv8tmznzD2OWFHSWoiSf%2FfWp5GKI8QebP%2BVBC8nbzx4CKCILmGIoUOrTyGrCO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c919bc8-FRA
expires: Mon, 11 Jul 2022 10:52:56 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 951 B
894 B 88ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
server: cloudflare
etag: W/"62a9711e-3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmr6SH8hziWXL0p23hA%2FxgziRKg276tOD4hAO9zjy7ZSyed4I9rU9hehN9X3RxkmE9R3yJLWPk3XFTmTs9uObRl%2FMuOP1gA3jXdw1BrVq3Xo%2ByPKSFZd%2FGuBoPCWNa5ex1GltK8iuvCKzTByb1DQh6oF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c929bc8-FRA
expires: Mon, 11 Jul 2022 10:52:32 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 2 KB
1 KB 70ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230a01af63bbad4a2c1f60b5f1a0336027feb4395cd127ab5a3b83fc38c1fa59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7398
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Jul 2022 06:19:30 GMT
server: cloudflare
etag: W/"62ca6f72-945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur6fyQO4l3qcPrGXxQwmVmyGH5uzcuaZlXLLVsoG%2BdhbcSYlSjx3qdGbLPsaEUytLr3IKotH%2BV51UvAyr1QujBWvwwQOs2u8kDDM3S93HTWTAy7wcWY0YIOBA1Ur1%2BiW9OEtLMokIK66JWsOLcjxb8t2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c8c9bc8-FRA
expires: Mon, 11 Jul 2022 10:59:05 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame CD3C 1 KB
1 KB 88ms
46ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
server: cloudflare
etag: W/"623976e8-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZTHqrdVYFctBayMpxfW9rt3GJAa5tV3gtEpc4yht0kOCh0stqgIqOGW5fYZCidVaQtvnKJauZUtD%2BaweIF2Du0aZ%2FuaU9C5NMI68irlj73Z7edYeqY8x8fVjLMQmi0%2BNsdLfO5zuoOGODlSmQwfZZWR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 728d9d068c8d9bc8-FRA
expires: Mon, 11 Jul 2022 09:48:37 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame CD3C 5 KB
3 KB 266ms
256ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:23 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 75d4efb6638449ea9fffdc052aada918.gif
vecukb.com/ Frame CD3C 87 KB
87 KB 3556ms
459ms Image
image/gif 103.170.15.20
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vecukb.com/75d4efb6638449ea9fffdc052aada918.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.20 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:29:02 GMT
last-modified: Sat, 09 Jul 2022 11:27:44 GMT
server: nginx
etag: "62c96630-15a52"
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88658

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame CD3C 280 KB
278 KB 1112ms
408ms Image
image/gif 20.239.77.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.77.42 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame CD3C 205 KB
205 KB 931ms
408ms Image
image/gif 20.239.153.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.153.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame CD3C 414 KB
414 KB 2480ms
168ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 22:21:05 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame CD3C 351 KB
351 KB 1931ms
157ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 17:55:33 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 480282301bc04f7bb5fac99ecabe23e8.gif
xox8863.com/ Frame CD3C 634 KB
634 KB 876ms
161ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8863.com/480282301bc04f7bb5fac99ecabe23e8.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 06:28:56 GMT
Last-Modified: Sat, 09 Jul 2022 15:14:41 GMT
Server: nginx
ETag: "62c99b61-9e7ea"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 649194

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame CD3C 175 KB
176 KB 1786ms
915ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame CD3C 219 KB
219 KB 1623ms
1324ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:26 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Wed, 10 Aug 2022 01:01:26 GMT

GET
H2 200 75d4efb6638449ea9fffdc052aada918.gif
vecukb.com/ Frame DF29 87 KB
87 KB 3608ms
515ms Image
image/gif 103.170.15.20
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vecukb.com/75d4efb6638449ea9fffdc052aada918.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.20 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:29:02 GMT
last-modified: Sat, 09 Jul 2022 11:27:44 GMT
server: nginx
etag: "62c96630-15a52"
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88658

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame DF29 280 KB
278 KB 1118ms
413ms Image
image/gif 20.239.77.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.77.42 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame DF29 205 KB
205 KB 1054ms
401ms Image
image/gif 20.239.153.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.153.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame DF29 414 KB
414 KB 2614ms
169ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 22:21:05 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame DF29 351 KB
351 KB 2182ms
157ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 17:55:33 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 480282301bc04f7bb5fac99ecabe23e8.gif
xox8863.com/ Frame DF29 634 KB
634 KB 1128ms
161ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8863.com/480282301bc04f7bb5fac99ecabe23e8.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 06:28:56 GMT
Last-Modified: Sat, 09 Jul 2022 15:14:41 GMT
Server: nginx
ETag: "62c99b61-9e7ea"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 649194

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame DF29 175 KB
176 KB 1353ms
231ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame DF29 219 KB
219 KB 1344ms
794ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:26 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Wed, 10 Aug 2022 01:01:26 GMT

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame DF29 3 KB
1 KB 196ms
25ms Stylesheet
text/css 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17743
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
server: cloudflare
etag: W/"62bc1e37-c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTZsiQvUssptlHwN%2BEN4llgl1oUVC7NLMJZluLEqJOft7PIxijhI7PcRYK39pt5dep1IstDOFWnyXBBloXHwRhkdddTPTwC1AGAXHnDK27AC5Gz9tN%2BNuxoaw7FGNsFQn%2F2KAErJC5DN1n%2F9dAnaJAn6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d079f4a8ffe-FRA
expires: Mon, 11 Jul 2022 08:06:39 GMT

GET 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame DF29 0
0

GET 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame DF29 0
0

GET 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame DF29 0
0

GET 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame DF29 0
0

GET ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame DF29 0
0

GET ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame DF29 0
0

GET b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame DF29 0
0

GET anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame DF29 0
0

GET 200200.gif
taiwtp1.com/img/ Frame DF29 0
0

GET zbcpa2.png
tk.learning8808.com/images/ Frame DF29 0
0

GET 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame DF29 0
0

GET %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame DF29 0
0

GET
H2 200 75d4efb6638449ea9fffdc052aada918.gif
vecukb.com/ Frame CD3C 87 KB
87 KB 3685ms
860ms Image
image/gif 103.170.15.20
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vecukb.com/75d4efb6638449ea9fffdc052aada918.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.20 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:29:02 GMT
last-modified: Sat, 09 Jul 2022 11:27:44 GMT
server: nginx
etag: "62c96630-15a52"
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88658

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame CD3C 280 KB
278 KB 835ms
404ms Image
image/gif 20.239.77.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.77.42 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame CD3C 205 KB
205 KB 652ms
401ms Image
image/gif 20.239.153.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.153.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame CD3C 414 KB
414 KB 2360ms
166ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 22:21:05 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame CD3C 351 KB
351 KB 1931ms
156ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 17:55:33 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 480282301bc04f7bb5fac99ecabe23e8.gif
xox8863.com/ Frame CD3C 634 KB
634 KB 877ms
161ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8863.com/480282301bc04f7bb5fac99ecabe23e8.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 06:28:56 GMT
Last-Modified: Sat, 09 Jul 2022 15:14:41 GMT
Server: nginx
ETag: "62c99b61-9e7ea"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 649194

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame CD3C 175 KB
176 KB 1786ms
915ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame CD3C 219 KB
219 KB 1623ms
1324ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:26 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Wed, 10 Aug 2022 01:01:26 GMT

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame CD3C 3 KB
1 KB 189ms
27ms Stylesheet
text/css 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17743
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
server: cloudflare
etag: W/"62bc1e37-c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbJrPFAGCsUYR8rhJcdvalA5AmO3jBBf0WsZyN5w%2B8LBCXdgXJhDQU7LWnZ0VfP4WCI2BF2l84xrJFzv9GjbiiZ7TWoGl7Z5nuBt%2FdGX86LpUFDzaTZqbVuYMMJ3CUpiRiH1rXlqav%2BeF6%2F1TEvOL1MD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 728d9d079f4c8ffe-FRA
expires: Mon, 11 Jul 2022 08:06:39 GMT

GET 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame CD3C 0
0

GET 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame CD3C 0
0

GET 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame CD3C 0
0

GET 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame CD3C 0
0

GET ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame CD3C 0
0

GET ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame CD3C 0
0

GET b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame CD3C 0
0

GET anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame CD3C 0
0

GET 200200.gif
taiwtp1.com/img/ Frame CD3C 0
0

GET zbcpa2.png
tk.learning8808.com/images/ Frame CD3C 0
0

GET 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame CD3C 0
0

GET %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame CD3C 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 416ms
416ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=554861836&si=10e44e3c6edee82d823051e24349004b&v=1.2.95&lv=1&sn=55659&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.sagitco.com%2F&tt=%E4%B8%89%E4%BA%9A%E7%BC%86%E9%AD%84%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.sagitco.com
URL: http://www.sagitco.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 01:02:24 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame DF29 39 KB
39 KB 905ms
470ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2971-9c77"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame DF29 27 KB
27 KB 908ms
472ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:37 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2991-6a00"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame DF29 50 KB
50 KB 916ms
471ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:58 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc29a6-c7f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame DF29 189 KB
190 KB 3528ms
463ms Image
image/gif 103.170.15.111
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.111 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 11:05:11 GMT
Last-Modified: Wed, 29 Jun 2022 10:21:40 GMT
Server: nginx
ETag: "62bc27b4-2f5d2"
X-Cache: HIT from yd11_13-cdn-g01-la2-41
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 194002

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame DF29 118 KB
118 KB 2985ms
156ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 23:30:30 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H/1.1 200
OK ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame DF29 29 KB
29 KB 4595ms
452ms Image
image/gif 45.61.212.225
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.225 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 12:09:24 GMT
Last-Modified: Wed, 29 Jun 2022 14:31:29 GMT
Server: nginx
ETag: "62bc6241-748c"
X-Cache: HIT from cloud-us3-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
H/1.1 200
OK b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame DF29 13 KB
13 KB 2657ms
164ms Image
image/gif 103.170.15.71
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:18:51 GMT
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Server: nginx
ETag: "62bbfa98-34d1"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13521

GET
H2 200 anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame DF29 268 KB
268 KB 1791ms
915ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Fri, 01 Jul 2022 11:37:12 GMT
server: nginx
etag: "62bedc68-42fd9"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 274393
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame DF29 73 KB
74 KB 1627ms
1323ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:26 GMT
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Wed, 10 Aug 2022 01:01:26 GMT

GET
H2 200 zbcpa2.png
tk.learning8808.com/images/ Frame DF29 158 KB
158 KB 44ms
25ms Image
image/png 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1132593
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCcCwhC3TeyKtkRKLgpTnfOUInxSm5jcnDi%2BLaOEi9e7nFksexbA3AhgupPFmQ0c6mDoR8BDh0HwecSyJxGF7d1icpBbcCX11Nvcc%2F3aOjoZ7%2B4Nm01lZH7zfr0N6kTRmNmTvzrT6NuEcl%2BSNNpW7a%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d080fa98ffe-FRA
expires: Wed, 27 Jul 2022 22:25:53 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame DF29 292 KB
292 KB 990ms
269ms Image
image/gif 47.75.19.38
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.38 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 11 Jul 2022 01:02:24 GMT
x-oss-request-id: 62CB76A0F27FBE3037B2E91D
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 1

GET
H2 200 %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame DF29 160 KB
160 KB 643ms
313ms Image
image/gif 162.209.201.60
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.201.60 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 26 Apr 2021 12:13:41 GMT
server: nginx
etag: "6086ae75-27f7b"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163707
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 xt12.gif
tk.learning8808.com/images/ Frame DF29 732 KB
733 KB 66ms
48ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1238726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpHEs%2BjXnFEvIVDMkufEQHirKC7cS1nGwi09lohi%2F1wZSjs4b1TYf3JKfcrjKONSG2tTcdO5Z5vT6OPH11W7Z%2BculDjlJP2bLo%2BKj86aOD9c1btQzLuiZsAYbNxO85xtKiMJQTxNjFcV297UnsYRYBVR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d080fad8ffe-FRA
expires: Tue, 26 Jul 2022 16:57:00 GMT

GET
H2 200 xt10.gif
tk.learning8808.com/images/ Frame DF29 609 KB
610 KB 66ms
48ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YBfItuqES2M8NzJk3IL5llKQptadbbxzp%2F76NYKtQcJwPtM5KaVu6L0xaxOvlNfJrN1%2FV%2FlwwmyhvCAmp5sm5LfiOElqjWnOPQFxuKFmrOwAcjLJlj%2BkEHTMPNBKpxrMaO%2BWcqH8YFsRQkefwxNu1IB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d080faa8ffe-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H2 200 xt1.gif
tk.learning8808.com/images/ Frame DF29 433 KB
434 KB 65ms
47ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1238538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr6vOXRXfXhbnLI9UQbcvZxzL2%2F6AD6J%2BH9tBd29MqQfyNRmPxT3MXAi%2BKexuOe8xDVLw7MCrAqVJTqpddGuE2PKIJKrG8ihOq2bXTzaTcLTuzndK2QMVZXXBhxqnnb3mMxOs0I2D3Yb8dtOJWZNw7TW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d080fac8ffe-FRA
expires: Tue, 26 Jul 2022 17:00:08 GMT

GET
H2 200 xt2.gif
tk.learning8808.com/images/ Frame DF29 368 KB
369 KB 67ms
49ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1527296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YA8Z6375gKzzW4V6i2LjqyskxapwagoolUfh4b9YtCo68BYK22rdl8duLOHzX7UNztvpbeNJVa%2BkXWgX02FHx6tE7CXNhrxwwJJsuC%2BvXy6fZmrctm0H3d8EnthhDQ5HAaLcaK66%2BGbDcJuyFyY5LB7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d080fab8ffe-FRA
expires: Sat, 23 Jul 2022 08:47:30 GMT

GET
H3 200 video-play.png
klx42.zhgm8jglhk.com/template/m1938pc/images/ Frame DF29 2 KB
2 KB 26ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufgEHxLi4%2Bi0ah84whSvYtWmqzPlht%2BKWYaJ7Vjby%2BgDRZ3M7DMBiva%2BafXmq1q32MYJsYa0Fv3mjFRWUoV9bdEsO8S%2FKm80NZ9VFSERGANmqK3Oh3yR5L%2FNDmdJ%2BxeUbBH7JNhDJicx8RoSzhRrO2Zs%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d07cecb9be0-FRA
expires: Sat, 23 Jul 2022 11:27:06 GMT

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame DF29 189 KB
189 KB 329ms
329ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1239954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3i9hFJxqb2tuyaTXYUyqYakAkxXhNv4IX6EmjVbP5bvhtS1ljqZEjfzOgtHJWxBDYjTe%2B1e2%2BCqYuyndMmxWFOm0NjF3MasX56mDJZtrQ7xgU0b9eZZ%2FuhZN8umLMW%2FadWBjdkM497oP3a%2BfPakMB9v"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe086901-FRA
expires: Tue, 26 Jul 2022 16:36:32 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame DF29 2 MB
2 MB 338ms
337ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1393600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0PdGfNaVJgOSn9H1eDCuR6K4JDTav%2Bhb6OQWo56TKXAjPjxVFYKO81CXaotgUrsqn57le873l1CmF34hEshW88gk1kK6msIoaqyOjwEEFSL9CrJmVlJbfOCR2fiMleNOjWXSnYyx5gJtrnv2C0rQwI9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe0a6901-FRA
expires: Sun, 24 Jul 2022 21:55:47 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame DF29 2 MB
2 MB 372ms
371ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1241983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95akq8Djb20pZRtwojRZutU7UYYTYUklk1d5dkj51bHUZ8clWvAMR1oEQ30U3yvgskpHXk9O3RqsPuIHx73MfkC11xbd3g1e1yIfvtbCA4ckJjbUD8ioU5%2FuvVfwJoLbqEmFzUCdOqPew1bpP9PgSMBZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe0b6901-FRA
expires: Tue, 26 Jul 2022 16:02:43 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame DF29 263 KB
263 KB 415ms
414ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1239666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqEMNo6vawZzrQwU66SITtrx8X5hHIDmeWQpDCVGihx%2F7BIa0HGfO4dy93624lIIXfNpZBo%2F7DNdASoLwcbfirmuHoA7hM5i7ilE2NwFqsx%2B%2BuGfI6dwQ2rNddhjl3kfnh0eGM%2FmQSYCYQQiGYx%2Fxlie"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe0c6901-FRA
expires: Tue, 26 Jul 2022 16:41:20 GMT

GET
H/1.1 200
OK 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame CD3C 39 KB
39 KB 900ms
473ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2971-9c77"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame CD3C 27 KB
27 KB 932ms
491ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:37 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2991-6a00"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame CD3C 50 KB
50 KB 901ms
473ms Image
image/png 52.253.108.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.253.108.99 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:58 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc29a6-c7f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame CD3C 189 KB
190 KB 3478ms
464ms Image
image/gif 103.170.15.111
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.111 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 11:05:11 GMT
Last-Modified: Wed, 29 Jun 2022 10:21:40 GMT
Server: nginx
ETag: "62bc27b4-2f5d2"
X-Cache: HIT from yd11_13-cdn-g01-la2-41
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 194002

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame CD3C 118 KB
118 KB 2898ms
157ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 23:30:30 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H/1.1 200
OK ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame CD3C 29 KB
29 KB 4511ms
453ms Image
image/gif 45.61.212.225
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.225 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 12:09:24 GMT
Last-Modified: Wed, 29 Jun 2022 14:31:29 GMT
Server: nginx
ETag: "62bc6241-748c"
X-Cache: HIT from cloud-us3-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
H/1.1 200
OK b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame CD3C 13 KB
13 KB 2589ms
170ms Image
image/gif 103.170.15.71
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:18:51 GMT
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Server: nginx
ETag: "62bbfa98-34d1"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13521

GET
H2 200 anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame CD3C 268 KB
268 KB 1701ms
915ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Fri, 01 Jul 2022 11:37:12 GMT
server: nginx
etag: "62bedc68-42fd9"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 274393
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame CD3C 73 KB
74 KB 1537ms
1323ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:26 GMT
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Wed, 10 Aug 2022 01:01:26 GMT

GET
H3 200 zbcpa2.png
tk.learning8808.com/images/ Frame CD3C 158 KB
158 KB 264ms
257ms Image
image/png 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1IgajzSVHss8Mh7w3qi89hErDUEmG3h0AIZLhYQmzcMyrn%2BP8Be44T9%2ByT%2Bg5JtAuKgQ8vwScyTLBSALhtBbUUyHf39pW2AX2UWxmsfxQ1decT0A35U6wsSVs5ZWUW7gMkruTmuCJT8cNXbyVa%2F25ou"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db76901-FRA
expires: Thu, 28 Jul 2022 22:29:53 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame CD3C 292 KB
292 KB 912ms
280ms Image
image/gif 47.75.19.38
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.38 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 11 Jul 2022 01:02:24 GMT
x-oss-request-id: 62CB76A0FC567C3239D37F0A
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 1

GET
H2 200 %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame CD3C 160 KB
160 KB 711ms
469ms Image
image/gif 162.209.201.60
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.201.60 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
last-modified: Mon, 26 Apr 2021 12:13:41 GMT
server: nginx
etag: "6086ae75-27f7b"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163707
expires: Wed, 10 Aug 2022 01:02:24 GMT

GET
H3 200 xt12.gif
tk.learning8808.com/images/ Frame CD3C 732 KB
733 KB 155ms
150ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1237633
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsFj%2FoVfH12pdh2Vfa5St6NQwgqFzvBOIZ8UL04VouP7kCzfi9zQR1UgHmcNMhc%2FqhBU3x6Ocy5F1qPgRl2td04h9pCosHQVo1X13cArYyar1bGjd%2B68kO1CdNbhkQJrl2f8A%2BLczgmbim%2BoeXrjCq8q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db26901-FRA
expires: Tue, 26 Jul 2022 17:15:13 GMT

GET
H3 200 xt10.gif
tk.learning8808.com/images/ Frame CD3C 609 KB
610 KB 228ms
222ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfVnZ99XWlVZzQw4WCHzhZelJJduNRm0%2FU7Sq9LEJ20g0rLQn93X3CoZnF4s1mSu0znb5DF5MzHOCnOvsJqV7UokjiU%2BdywGWzeYA2wFcLUjUuxU3htNs7pFjvAp4pKfy1nKBpNPaWqWtLTcTS4fj0kO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db36901-FRA
expires: Tue, 26 Jul 2022 15:52:28 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame DF29 2 MB
2 MB 420ms
419ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it3Ys1%2B%2BKvcUxqAk9V0%2BJsyXsTIn8uBo4ueZ%2B8184AlfZqoPg%2BA8WZUCYSbfPsTC4yBZJL83NyqqTPKDPvsthkUivb3%2FkInaoTzu9d95MgkGXQzVTd48GPRpBxPp5YWVyQ8BLFP0kZHYhbs6aIzbhmRl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe0d6901-FRA
expires: Tue, 26 Jul 2022 15:52:30 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame DF29 322 KB
322 KB 457ms
456ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242595
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XCPsO6uYJe1cidcJAOtwBYftulIyqw5I1f%2BL4seHq4H23cn1U2OFfyf4yVwEerVpoRWKjMrkM0%2BNsB%2BXFrThq%2BzdLBzR50O4DTcjYoEaFDWm9763Gwl571MoN9eaBtSIeDt6h8nPyvNYOP5e7qjUlRf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d08fe0f6901-FRA
expires: Tue, 26 Jul 2022 15:52:31 GMT

GET
H3 200 xt1.gif
tk.learning8808.com/images/ Frame CD3C 433 KB
434 KB 31ms
25ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242597
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzabS1dA7XEXTtAINzZr2gZeV1NucHRPUp%2BLBaFgoaG41z5Mc9hH5J7yclkQ4%2FJXEJ5976We1VtRAFGVP79gwTQzU11mh7tioZLWUa2hn2EY64JAeRg65p9kPun7vLBfswquHmGzLnHNwsFsCSGDfXe5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db56901-FRA
expires: Tue, 26 Jul 2022 15:52:29 GMT

GET
H3 200 xt2.gif
tk.learning8808.com/images/ Frame CD3C 368 KB
368 KB 130ms
124ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1237932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ6oUsPr9ZAgJie9%2ByqUwWMWBe1kktJSZci7VC9hK0DPZAjCxiauBEVNQQSbgZP%2BMrTcMUxHLZ66s5wrHj7J862VX9h7f561o5hUn1LVM1p5RCKthr3akHe6vZ%2BYanTvch06DeaNMrYJY12PZITKIn9l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db66901-FRA
expires: Tue, 26 Jul 2022 17:10:14 GMT

GET
H2 200 75d4efb6638449ea9fffdc052aada918.gif
vecukb.com/ Frame DF29 87 KB
87 KB 3572ms
906ms Image
image/gif 103.170.15.20
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vecukb.com/75d4efb6638449ea9fffdc052aada918.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.20 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:29:02 GMT
last-modified: Sat, 09 Jul 2022 11:27:44 GMT
server: nginx
etag: "62c96630-15a52"
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88658

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame DF29 280 KB
278 KB 809ms
403ms Image
image/gif 20.239.77.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.77.42 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame DF29 205 KB
205 KB 733ms
408ms Image
image/gif 20.239.153.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.153.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame DF29 414 KB
414 KB 2203ms
172ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 22:21:05 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame DF29 351 KB
351 KB 854ms
157ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 17:55:33 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 480282301bc04f7bb5fac99ecabe23e8.gif
xox8863.com/ Frame DF29 634 KB
634 KB 438ms
156ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8863.com/480282301bc04f7bb5fac99ecabe23e8.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 06:28:56 GMT
Last-Modified: Sat, 09 Jul 2022 15:14:41 GMT
Server: nginx
ETag: "62c99b61-9e7ea"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 649194

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame DF29 175 KB
176 KB 1333ms
1326ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame DF29 219 KB
219 KB 710ms
703ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:28 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Wed, 10 Aug 2022 01:01:28 GMT

GET
H/1.1 200 go1
ia.51.la/ Frame DF29 0
215 B 1653ms
299ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1657501344010&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1657501344010&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx42.zhgm8jglhk.com%252F&pu=http%253A%252F%252Fwww.sagitco.com%252F
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:26 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame DF29 30 KB
11 KB 409ms
407ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

aab491ce9c87416bf3bd80854d60b0678c1a627cc7d9f51f71474e15ff3f5db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:25 GMT
Content-Encoding: gzip
Server: apache
Etag: 8b24b48ba512ecd23fbdfa5be8f99c0a
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11334

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame CD3C 189 KB
189 KB 268ms
262ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1239954
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0h2GYuXCSrJjbvIt3ECQyyVzJuKAAVNfZFbbaLvgcacdBLz4jAlCS0NEt3Ut0JydcEAdtQJwI7dT6QTkrHplvRPXnTJyEgZ3%2Fs%2Fwhe2z5c0Uur1I2%2FmfHW%2FQNFmcX2hEeJGmpw6wzgvYKXOul%2B6FvsM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db86901-FRA
expires: Tue, 26 Jul 2022 16:36:32 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame CD3C 2 MB
2 MB 48ms
42ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1393600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTefjfIHN5t%2BnXZkkOcsjGsJXcewGkXRrJ4hmlONQQNGOuC%2FiuI%2F%2FkJqb8NMyWb%2BkF9vTQB4TSEop8Aag7bMiReQClCAIJyInWlxSlP7NWWdw%2F38UrJ1VM8IYIVep5rB2OxMJvwLTq7fDraYdguaYxOl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db96901-FRA
expires: Sun, 24 Jul 2022 21:55:47 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame CD3C 2 MB
2 MB 317ms
311ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1241983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGz8uk5Z%2Bn5TBvIcWaXmfFWDsbUBkU7ZVGJj5HLLltID%2Fey8nAlUJjJ79%2FKIHtAd4IWBsPBv3teDrkXIzs0miks10AYdqcVJ4uiNP0YI2B1L4Osi4j8p2TTedOSF%2FaxleUTVbMas5Zh4qjIMWamQYsGt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088dba6901-FRA
expires: Tue, 26 Jul 2022 16:02:43 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame CD3C 263 KB
263 KB 383ms
377ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1239666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgAnOsX%2BZNJ%2FI3lLSAS5nAD6dNm9JdW50oQ5x8AQUBNjU45DL7z4OQJc9Ehu6lDbSeml5SAoIfprMHix3kMLrQbWIscBWCv040tUvorm6Uk%2FzGURWQwkmG8dce2eP7f8nwedcHnqtqpcXwJs7z4Ju7xM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088dbb6901-FRA
expires: Tue, 26 Jul 2022 16:41:20 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame CD3C 2 MB
2 MB 183ms
143ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8me3ntssauv780Hbqu0S1mWqjAXdfO3oYkcwSYxKrwaouZpQD64mCd2aOnUVHSQUtZzlSbxvENGoHQsMVK3zdnyiHBtZ97eVrOU24o%2FCxOgjIxTW5863yd2QQT0ZFGdLxM17Le9pykOkV7eU%2FFw3OcFC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088db06901-FRA
expires: Tue, 26 Jul 2022 15:52:30 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame CD3C 322 KB
322 KB 429ms
388ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242595
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCTpLvurgbuYzFsdoCp931dnFsfRKwBziCX7luhCLnQ7fWUeong1iluQWkrYwjJPqcrNrZkIQZckXE8itL5IPO8bphIS6Kx1qeqtWs7iohCcg1lEU1u8YcnNsAwGoylVQqMb%2F%2B3SROnkDf%2FErMvAK6We"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d088dbd6901-FRA
expires: Tue, 26 Jul 2022 15:52:31 GMT

GET
H2 200 75d4efb6638449ea9fffdc052aada918.gif
vecukb.com/ Frame CD3C 87 KB
87 KB 3685ms
945ms Image
image/gif 103.170.15.20
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vecukb.com/75d4efb6638449ea9fffdc052aada918.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.20 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 12:29:02 GMT
last-modified: Sat, 09 Jul 2022 11:27:44 GMT
server: nginx
etag: "62c96630-15a52"
x-cache: HIT from yd11_02-cdn-g01-la2-10
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88658

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame CD3C 280 KB
278 KB 829ms
413ms Image
image/gif 20.239.77.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.77.42 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame CD3C 205 KB
205 KB 737ms
410ms Image
image/gif 20.239.153.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.153.86 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame CD3C 414 KB
414 KB 2282ms
167ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 22:21:05 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame CD3C 351 KB
351 KB 855ms
158ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 17:55:33 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 480282301bc04f7bb5fac99ecabe23e8.gif
xox8863.com/ Frame CD3C 634 KB
634 KB 510ms
156ms Image
image/gif 45.61.212.125
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8863.com/480282301bc04f7bb5fac99ecabe23e8.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.125 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 10 Jul 2022 06:28:56 GMT
Last-Modified: Sat, 09 Jul 2022 15:14:41 GMT
Server: nginx
ETag: "62c99b61-9e7ea"
X-Cache: HIT from cloud-us2-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 649194

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame CD3C 175 KB
176 KB 523ms
522ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:25 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Wed, 10 Aug 2022 01:02:25 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame CD3C 219 KB
219 KB 782ms
781ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:01:27 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Wed, 10 Aug 2022 01:01:27 GMT

GET
H/1.1 200 go1
ia.51.la/ Frame CD3C 0
215 B 1842ms
283ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1657501344043&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1657501344043&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx42.zhgm8jglhk.com%252F&pu=http%253A%252F%252Fwww.sagitco.com%252F
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:27 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame CD3C 30 KB
11 KB 417ms
416ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

aab491ce9c87416bf3bd80854d60b0678c1a627cc7d9f51f71474e15ff3f5db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:25 GMT
Content-Encoding: gzip
Server: apache
Etag: 8b24b48ba512ecd23fbdfa5be8f99c0a
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11334

GET
H3 200 video-play.png
klx42.zhgm8jglhk.com/template/m1938pc/images/ Frame CD3C 2 KB
2 KB 25ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:02:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S61F0HSA%2BDmSjOXqxM%2B%2B7299rzX%2B0u2aHIA6tLwoeHOi%2FOo9lbz6NUjiWcij0hpMaEOK%2BkrrrQImhO%2BCRCbHurAkhQyGv5%2FaRgiVqv%2FlAegN2brSy6TOGb4SJjQeN1UImGyHYcH64bohXWalIX%2FSzYg%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 728d9d085f589be0-FRA
expires: Sat, 23 Jul 2022 11:27:06 GMT

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1111ms
202ms Image
text/plain 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.sagitco.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:02:25 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame CD3C 43 B
299 B 410ms
410ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=403160816&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.sagitco.com%2F&v=1.2.95&lv=1&sn=55661&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fklx42.zhgm8jglhk.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 01:02:25 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame DF29 43 B
299 B 411ms
410ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1657501346&rnd=1106955561&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.sagitco.com%2F&v=1.2.95&lv=2&sn=55661&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fklx42.zhgm8jglhk.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 01:02:26 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21279169.js

Domain: n0404.com
URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png

Domain: n0404.com
URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png

Domain: n0399.com
URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png

Domain: bob4942.com
URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif

Domain: bob5379.com
URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif

Domain: xox8889.com
URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif

Domain: xox8956.com
URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif

Domain: yyzbtg01.cc
URL: https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Domain: taiwtp1.com
URL: https://taiwtp1.com/img/200200.gif

Domain: tk.learning8808.com
URL: https://tk.learning8808.com/images/zbcpa2.png

Domain: 701.oss-cn-hongkong.aliyuncs.com
URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif

Domain: sdjigd56c.com
URL: https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Domain: n0404.com
URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png

Domain: n0404.com
URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png

Domain: n0399.com
URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png

Domain: bob4942.com
URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif

Domain: bob5379.com
URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif

Domain: xox8889.com
URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif

Domain: xox8956.com
URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif

Domain: yyzbtg01.cc
URL: https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Domain: taiwtp1.com
URL: https://taiwtp1.com/img/200200.gif

Domain: tk.learning8808.com
URL: https://tk.learning8808.com/images/zbcpa2.png

Domain: 701.oss-cn-hongkong.aliyuncs.com
URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif

Domain: sdjigd56c.com
URL: https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sagitco.com/	1970-01-20 04:25:01	Name: Cookies_KL Value: 1
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 7A6BF44F1D88612D
.www.sagitco.com/	1970-01-20 13:10:37	Name: Hm_lvt_10e44e3c6edee82d823051e24349004b Value: 1657501344
.www.sagitco.com/	1969-12-31 23:59:59	Name: Hm_lpvt_10e44e3c6edee82d823051e24349004b Value: 1657501344

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.sagitco.com/tj.js(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21279169.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.sagitco.com/tj.js(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21279169.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32653562.com
701.oss-cn-hongkong.aliyuncs.com
api.share.baidu.com
bob4915.com
bob4942.com
bob5379.com
hm.baidu.com
ia.51.la
jcyunk2.com
js.users.51.la
klx42.zhgm8jglhk.com
lb.learning8809.com
n0399.com
n0404.com
n0477.com
push.zhanzhang.baidu.com
sagitco.com
sb.learning8808.com
sdjigd56c.com
taiwtp1.com
tk.learning8808.com
vecukb.com
www.gg123456789gg.com
www.sagitco.com
xox8863.com
xox8889.com
xox8956.com
yyzbtg01.cc
701.oss-cn-hongkong.aliyuncs.com
bob4942.com
bob5379.com
js.users.51.la
n0399.com
n0404.com
sdjigd56c.com
taiwtp1.com
tk.learning8808.com
xox8889.com
xox8956.com
yyzbtg01.cc
103.170.15.111
103.170.15.20
103.170.15.71
103.170.15.96
103.235.46.191
112.90.153.42
118.107.46.234
136.0.141.3
136.0.141.5
162.209.201.60
182.61.201.93
183.131.207.66
20.239.153.86
20.239.77.42
220.128.218.220
2606:4700:3030::6815:12ae
2606:4700:3030::ac43:b6cf
2a06:98c1:3121::3
38.63.1.109
39.156.68.163
45.61.212.125
45.61.212.225
47.75.19.38
52.253.108.99
00a9acf2656bd5e695da4599930e72a98b74b00c7b944019135561fce8df64e1
02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b
052407f8e59e225e051cd57823f3d81f3baea0fcc826814e3e865ae380124f7f
06a80d5dbb5d46db0047e23fa95032229a4a0bb3a548dbc1edaa4866bba22776
0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65
09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823
0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
0deceb48aff8e713f2eacfef80b4197b2be117a4ef3053429d3b5fe64a63b207
12848eca8a8b499eff31128b20e1a760268b7891370f8f6b9accb56f9eff7c73
19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408
1bbafb81b6ec00be79d17979ed4fce95ec049306c3836feaf66e552b4fcf595e
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
230a01af63bbad4a2c1f60b5f1a0336027feb4395cd127ab5a3b83fc38c1fa59
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
320e3871cd42eb21886cfc4069ea895cf691be0413263a046f1b12a75646f095
35660a4103d23c526fd8b7c7ba1618368fb4f69c10039b515c4f4d3b6ff752d8
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
382be919c25db8460cb8d031daf012683c1f318026787081de572170e6be003b
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
3ac3aad5ec7f8c52e9dea11498d74555fa160c761cd1a6d0483ebbec531e3bf4
3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a
4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9
432d04d1f6e16570ce4f6127583834645c382c3e270b021d1576e8e713065ae2
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
4c181b1c63b5faa7f3eac7837e9bdae4042b681f2eae56f38c704f257e87ffcd
4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab
51ddb10eda79f71da14cc3d379f7ecf743a102b01e32611cbb181d09b7d64998
544b35d43202d727d8a99c3f3d0e675cc534aacda03d8edd95fa7199c75e24d7
5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81
58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461
63060f7715b504cc0d95a9bdc5598e4cf29927a259ad3e1f6ddb2463ea8fa2d7
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6
77d41f75f9667370277b6f3e3266f4abea6d5ed7966e06f65e3fad511477b953
78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a
7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1
7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be
7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff
800fc876f0c4117de57ac691f2b558740eeed29b6b1522721b20d3601d16cbdc
81e297c65d0e9f0ac54f129f69040e74c7c29c5b515f07377d77b61ea0e26e04
824074f3bcb68d4f3139841bb3d04621e4fd4e153d86b839cc531f11d9321d26
82849ce6266621aedf79cf0f6aa7830c19b2f0143e8bc50d2336e1057bd438b6
84b8e5e32e37501371faef98a425ebdbfb520288241e025736d3cb34aa1d6618
860b3b34607079cc4092b537b77998403d7eda0e0ca004c5977d569bcc519443
8735db91b8bb4f3d9b2b66bd6d0fa23d6edbf040c0a6681de0f2c99e9d4e96ce
8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d
87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
8f50465e9570b638a1763935613b33cc543c25563e4199b8973bf69ed2cd18e5
9575baec4ff44eb2a9700beb0313456e2bd99d32dde705007eb8837d548917cb
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
9919c48077207bb93df2ae5c47dadfe3d3db323d46702aa62ebcc093c93153bf
99d585f6806983ff7bb2661d2faf828373656603eb9188d0ced326515b9b4d08
99d7d5953a3e93a0617381d8de374c3df78a7ab74e2b72f833f1b69ce08c0419
9aafeaa03b44b57673f1ec6b07714da2831c33afa8803c6abdc45cd44c8d9650
9f300557e18d586adc4f8f2ea5de5f2466df7797f5d00f810895809cde0b057c
a0e10fee6bf229960fe624dc46cdb5be700406911a31864bfb830b904bc0c736
a51cc577da532ea4bd7809b31ee22a0085f713040b9b6539d606b4966d70ed05
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
aab491ce9c87416bf3bd80854d60b0678c1a627cc7d9f51f71474e15ff3f5db4
ac0e9defaa47d1cfb006b2c9adc432657a78508733d0b87620af0cb24f103c80
acc7ca3596dd546e1b6e146afe5ceb58525adbb7a51e0ae7e71c9f7ce7c3c6bc
af83a1651a8c45650c53a7ea66b625afdea60ed1a3e67f5a2d7d51a562e7ed81
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
b152cdbaa6d52c9dad37398233d5e3402b6b6572d9874341a80301da77bef65a
b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045
b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
c3a4d6defb0807c524acbcd4843ce8eade9b4763818f2b6984e92e3a04b10662
c6986b3983434bd54c9a229705abbc137c607c1bf352bfe863a35d7dc8639920
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17972380b648eb2282b833ec849ca46ffb85d715b7f87e56e41cb991bacd9c4
d25d6737172533d10e54109bf263732076933e2e73c007717f405bbe8f6d0d86
d26298e53439e37511c0fb08df9a0924244d8f75ea898de79d9ae215d38898f5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
d46b141505ab73ecec9d79295e8cdb2332944f50502144007e4a195b228427a4
d49aaed32d580ad12a688f0d79a39e047335ea715677181851622ef6335a78c4
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d
dd7f9817063b80223fbc5175c1f5aa392227784b5ba2d61cf168dad0ecf43881
e009fc04603e4ebdddd92a14479b41d96feec3e0fd7bb253f8c0514544f707fc
e370c8d760ffe4dab5abc27ef3df543f0367e9caf9d636fe749778d9f9edb4e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d9b49cb8659d53e49ec5115e0333b305e8d819ca6e0b2eb9b38482d4f86cb
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
e75726247b62381768e281afd8c815b43910dbc2bcf1f9702a552230fc4c9fac
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
f5b3eb5923f88e39672d3be70f839230bbcdd1fbaa78b6a16b07d3dd43e7b2b6
f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05
f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071
faffda3fa955b4e738adf6934c888fdcec87880a26857877aa3c8aeaf6b7c8a2
fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b
fe496755c594831ed259ad475844bd43cd64da748b551ca16b7cb2cfed2f73a6

www.sagitco.com Open in urlscan Pro 38.63.1.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

266 Requests

88 %HTTPS

13 %IPv6

23 Domains

28 Subdomains

25 IPs

6 Countries

32962 kBTransfer

33363 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sagitco.com Open in urlscan Pro
38.63.1.109 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

88 %
HTTPS

13 %
IPv6

23
Domains

28
Subdomains

25
IPs

6
Countries

32962 kB
Transfer

33363 kB
Size

4
Cookies

266 HTTP transactions
0 data transactions