www.sagitco.com Open in urlscan Pro
38.63.1.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sagitco.com/
Effective URL:
http://www.sagitco.com/
Submission: On July 06 via api (July 6th 2022, 1:02:45 am UTC) from US — Scanned from DE

Summary HTTP 281 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 24 domains to perform 281 HTTP transactions. The main IP is 38.63.1.109, located in United States and belongs to PEGTECHINC, US. The main domain is www.sagitco.com.

This is the only time www.sagitco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	38.63.1.109 38.63.1.109	54600 (PEGTECHINC) (PEGTECHINC)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
2	136.0.141.3 136.0.141.3	18779 (EGIHOSTING) (EGIHOSTING)
7	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
38	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
98	136.0.141.5 136.0.141.5	18779 (EGIHOSTING) (EGIHOSTING)
2	112.90.153.42 112.90.153.42	136959 (UNICOM-FU...) (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network)
12	52.140.195.15 52.140.195.15	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	20.222.126.63 20.222.126.63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	45.61.212.119 45.61.212.119	53587 (AZT) (AZT)
8	45.61.212.54 45.61.212.54	53587 (AZT) (AZT)
8	103.170.15.92 103.170.15.92	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
8	118.107.46.234 118.107.46.234	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
8	220.128.218.220 220.128.218.220	3462 (HINET Dat...) (HINET Data Communication Business Group)
12	2606:4700:303... 2606:4700:3030::ac43:b6cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.208.85.134 104.208.85.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.210.89.45 20.210.89.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	45.61.212.223 45.61.212.223	53587 (AZT) (AZT)
2	103.170.15.107 103.170.15.107	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	47.75.19.85 47.75.19.85	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	162.209.201.60 162.209.201.60	40065 (CNSERVERS) (CNSERVERS)
12	2606:4700:303... 2606:4700:3030::6815:12ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	182.61.201.93 182.61.201.93	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
281	25

4 38.63.1.109 (United States) 1 redirects

ASN54600 (PEGTECHINC, US)

sagitco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sagitco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.0.141.3 (United States)

ASN18779 (EGIHOSTING, US)

136.0.141.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

klx42.zhgm8jglhk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.learning8809.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 136.0.141.5 (United States)

ASN18779 (EGIHOSTING, US)

www.gg123456789gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 112.90.153.42 (China)

ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.140.195.15 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0355.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
32653562.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.222.126.63 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0477.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.61.212.119 (United States)

ASN53587 (AZT, US)

xox8995.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.61.212.54 (United States)

ASN53587 (AZT, US)

bob4915.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bob5379.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.170.15.92 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

jcyunk2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xox8956.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 118.107.46.234 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

yyzbtg01.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 220.128.218.220 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 220-128-218-220.hinet-ip.hinet.net

taiwtp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::ac43:b6cf (United States)

ASN13335 (CLOUDFLARENET, US)

sb.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.208.85.134 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0404.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.210.89.45 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n0399.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.223 (United States)

ASN53587 (AZT, US)

bob4942.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.107 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

xox8889.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.85 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

701.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.209.201.60 (United States)

ASN40065 (CNSERVERS, US)

sdjigd56c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::6815:12ae (United States)

ASN13335 (CLOUDFLARENET, US)

tk.learning8808.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	gg123456789gg.com www.gg123456789gg.com	1 MB
30	learning8809.com lb.learning8809.com	29 KB
24	learning8808.com sb.learning8808.com tk.learning8808.com Failed	17 MB
12	xox8995.com xox8995.com — Cisco Umbrella Rank: 928632	5 MB
9	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 66055 hm.baidu.com — Cisco Umbrella Rank: 7790 api.share.baidu.com — Cisco Umbrella Rank: 48124	36 KB
8	taiwtp1.com taiwtp1.com — Cisco Umbrella Rank: 284371	1 MB
8	yyzbtg01.cc yyzbtg01.cc	2 MB
8	zhgm8jglhk.com klx42.zhgm8jglhk.com	61 KB
6	jcyunk2.com jcyunk2.com — Cisco Umbrella Rank: 740474	2 MB
6	bob4915.com bob4915.com — Cisco Umbrella Rank: 613326	2 MB
6	32653562.com 32653562.com	1 MB
6	n0477.com n0477.com — Cisco Umbrella Rank: 655012	2 MB
6	n0355.com n0355.com	705 KB
4	n0404.com n0404.com Failed	132 KB
4	51.la js.users.51.la — Cisco Umbrella Rank: 60541 Failed ia.51.la — Cisco Umbrella Rank: 53210	6 KB
4	sagitco.com 1 redirects sagitco.com www.sagitco.com	4 KB
2	sdjigd56c.com sdjigd56c.com Failed	320 KB
2	aliyuncs.com 701.oss-cn-hongkong.aliyuncs.com Failed	584 KB
2	xox8956.com xox8956.com Failed	27 KB
2	xox8889.com xox8889.com — Cisco Umbrella Rank: 345039 Failed	59 KB
2	bob5379.com bob5379.com — Cisco Umbrella Rank: 674509 Failed	237 KB
2	bob4942.com bob4942.com Failed	379 KB
2	n0399.com n0399.com Failed	100 KB
0	lbbf9.com Failed fw.lbbf9.com Failed
281	24

	Domain	Requested by
98	www.gg123456789gg.com	klx42.zhgm8jglhk.com
30	lb.learning8809.com	klx42.zhgm8jglhk.com
22	tk.learning8808.com	lb.learning8809.com klx42.zhgm8jglhk.com
12	xox8995.com	klx42.zhgm8jglhk.com lb.learning8809.com
8	taiwtp1.com	klx42.zhgm8jglhk.com lb.learning8809.com
8	yyzbtg01.cc	klx42.zhgm8jglhk.com lb.learning8809.com
8	klx42.zhgm8jglhk.com	www.sagitco.com klx42.zhgm8jglhk.com
7	hm.baidu.com	www.sagitco.com klx42.zhgm8jglhk.com hm.baidu.com
6	jcyunk2.com	klx42.zhgm8jglhk.com lb.learning8809.com
6	bob4915.com	klx42.zhgm8jglhk.com lb.learning8809.com
6	32653562.com	klx42.zhgm8jglhk.com lb.learning8809.com
6	n0477.com	klx42.zhgm8jglhk.com lb.learning8809.com
6	n0355.com	klx42.zhgm8jglhk.com lb.learning8809.com
4	n0404.com	lb.learning8809.com klx42.zhgm8jglhk.com
3	www.sagitco.com	www.sagitco.com
2	ia.51.la	klx42.zhgm8jglhk.com
2	sdjigd56c.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	701.oss-cn-hongkong.aliyuncs.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	xox8956.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	xox8889.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	bob5379.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	bob4942.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	n0399.com	lb.learning8809.com klx42.zhgm8jglhk.com
2	sb.learning8808.com	lb.learning8809.com
2	js.users.51.la	www.sagitco.com klx42.zhgm8jglhk.com
1	api.share.baidu.com	www.sagitco.com
1	push.zhanzhang.baidu.com	www.sagitco.com
1	sagitco.com	1 redirects
0	fw.lbbf9.com Failed	klx42.zhgm8jglhk.com
281	29

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.learning8809.com E1	`2022-06-17` - `2022-09-15`	3 months	crt.sh
www.gg123456789gg.com R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
n0355.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
n0477.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
32653562.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
xox8995.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
bob4915.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
jcyunk2.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-03-21`	a year	crt.sh
www.yyzbtg01.cc R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
taiwtp1.com R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.learning8808.com E1	`2022-06-17` - `2022-09-15`	3 months	crt.sh
n0404.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
n0399.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
bob4942.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
bob5379.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
xox8889.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
xox8956.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-08`	a year	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
dsiauhf22.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-10` - `2022-08-10`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.sagitco.com/
Frame ID: E0E1BAF04C25964E7193907CABA4156B
Requests: 10 HTTP requests in this frame

Frame: https://klx42.zhgm8jglhk.com/
Frame ID: 3E3C0E9948AB3B196AC94F75128544C4
Requests: 135 HTTP requests in this frame

Frame: https://klx42.zhgm8jglhk.com/
Frame ID: F2C2388698635F4CC03EEBB377F8F48D
Requests: 136 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

三亚缆魄医疗科技有限公司三亚缆魄医疗科技有限公司

Page URL History Show full URLs

http://sagitco.com/ HTTP 301
http://www.sagitco.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

281
Requests

88 %
HTTPS

13 %
IPv6

24
Domains

29
Subdomains

25
IPs

6
Countries

36811 kB
Transfer

37212 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sagitco.com/ HTTP 301
http://www.sagitco.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

281 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sagitco.com/
Redirect Chain

http://sagitco.com/
http://www.sagitco.com/

3 KB
1 KB

574ms
155ms

Document
text/html

38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 860b3b34607079cc4092b537b77998403d7eda0e0ca004c5977d569bcc519443

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 06 Jul 2022 01:02:13 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Wed, 06 Jul 2022 01:02:13 GMT
Location: http://www.sagitco.com/
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.sagitco.com/ 4 KB
2 KB 154ms
154ms Script
application/x-javascript 38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/common.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: d26298e53439e37511c0fb08df9a0924244d8f75ea898de79d9ae215d38898f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:14 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.sagitco.com/ 364 B
520 B 302ms
152ms Script
application/x-javascript 38.63.1.109
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sagitco.com/tj.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 38.63.1.109 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 99d585f6806983ff7bb2661d2faf828373656603eb9188d0ced326515b9b4d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 364
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 2494ms
267ms Script
text/javascript 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Thu, 06 Jul 2023 01:02:11 GMT

GET
H/1.1 200
OK chabi-common.php Show response
136.0.141.3/ 69 B
535 B 297ms
149ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/chabi-common.php?val=chabi4&t=0.9307830376237958?v=03776779286267453
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK chabi-common.php Show response
136.0.141.3/ 69 B
535 B 307ms
154ms XHR
text/html 136.0.141.3
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://136.0.141.3/chabi-common.php?val=chabi4&t=0.5345891742960969?v=014845762329869405
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/common.js
Protocol: HTTP/1.1
Server: 136.0.141.3 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:09 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1672ms
404ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?10e44e3c6edee82d823051e24349004b

Requested by

Host: www.sagitco.com
URL: http://www.sagitco.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cb7981feb9e63291bbf5d44ecfa021908b513189d4e38a1710dbac83209175f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Server: apache
Etag: 99ea5764d1cd21b5df2998a69cd7ec80
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11342

GET 21279169.js
js.users.51.la/ 0
0

GET
H2 200 / Show response
klx42.zhgm8jglhk.com/ Frame 3E3C 43 KB
7 KB 401ms
347ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fed0f858a427119e98307e60d40ab365046664c0073a62ba5f1b922d69eb346

Request headers

Referer: http://www.sagitco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 726469ceab059c01-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 01:02:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76lQqXi51yhtXsshsf7NWSG5MQHSj9V%2B%2B4iqlPuzgeFqf4%2BUkxwVUGyQ1yiAiO2hRHqdZiavSD7G3VzIRrK9tqvlLG9R8BPmPHh%2BkbfeGJTTZ693W1FUWuQ0AbEEEsvKnbakadTwLTJMPocfo2Nh0BOc4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
klx42.zhgm8jglhk.com/ Frame F2C2 43 KB
6 KB 525ms
485ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fed0f858a427119e98307e60d40ab365046664c0073a62ba5f1b922d69eb346

Request headers

Referer: http://www.sagitco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 726469ceab069c01-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 01:02:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVRBpruOS212qgaExoj7CuKQINs87InrAnyqDl%2FsCsoo7%2Bwx%2FyxSBUboP1cGiE4dgmzaHAImAvRyzPk4IKRo4jIeo9kZcyyv0LGMLFb63WNTIAaQU0s4tgO5X2KWxCbWMQl3EIWuKGJXpEfPMrKKUnHiOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ate.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame 3E3C 74 KB
5 KB 18ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2MYrqdziHHFiAk3D6AlaYPY5doZHv6PokMUmxBj1Evdrhl8yYwvsXQdUthEifS1wzdE3D74GIECvu269Gkbn%2BiRF1yT3Z4IbnQ%2BuHch5SOFt3BzMCjlmJKzgWQHmPpU9ultLbEA5FSK20OUvnFVXLQSrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d0fce79c01-FRA
expires: Wed, 06 Jul 2022 11:51:36 GMT

GET
H2 200 zui.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame 3E3C 84 KB
16 KB 18ms
16ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
server: cloudflare
etag: W/"623f1f38-14f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lim19lRq4IWvGSzWHK13y%2B0Ip27rJPK3oIKGBVW4EngWdzNiQdsBZv%2FzTJ7cVqP68tZLloY0QKrm%2Frfnvy6QXiOajoCaOWiqtEUWOt%2F7FWBWPTR5lRAfQAVy0YKUynRy0km2eubb75R0ZvWme94gnT%2Fxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d0fce99c01-FRA
expires: Wed, 06 Jul 2022 11:54:04 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 3 KB
1 KB 200ms
14ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b2abb7a7f617b00663793c14e0ab02ada1d9bbbd33eece9f00502c3b79763ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:40 GMT
server: cloudflare
etag: W/"62ba8ef4-d27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BWqYBg9pJ5aiTqYVC5pHJRcm4bQuvAsUZ%2BmN2v%2B4hVtAqT5gR%2FYg7jCyQ0CnNFi9tii%2FTXcisd8ol52JK9IME5hNUn2jIsKRCi9Zin8vXsVsdQcLhcwuGEtY64Af9VTqos1%2BbLkGBGH8Aj%2BAImffVbd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21adf905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 2 KB
705 B 204ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhwGU908VROViuIUme%2BJ1MZzIHut8oujfyj%2FSTUCvXkroEFYeB44hPH6uEr6U%2FkRImqKRlNlXksbZRj3n3MRJKLtvUgIX36wGhyFaZjWSRyqjDRSjlhX7Wd0vfcr4HE7%2Bo%2By2SLFZX%2BJSIsXUF5Rrxd4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae0905e-FRA
expires: Wed, 06 Jul 2022 12:05:38 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 11 KB
1 KB 204ms
19ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a10767e7f0217734697d6d907d95936dc5be955ba28cd7e311deda7573ff5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 15:58:58 GMT
server: cloudflare
etag: W/"62bdc842-2a9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyfE9ZxqqryWSDyyAYzVDojtOjftVJdhfQt%2FyyAt66xFa1oUYeajPLDkJL8rfAVvTrNspDkb9iu3uGbga9Cf1yzzzUh8c8JFYlWFchmPB9o9ohubuUI613DRbdlEKo5BrHxAAd0s6dnmKZFprEYvXQq8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae1905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 3 KB
913 B 201ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8d4dd0943c25974a96510cfb34e333351b9939d9431c4482e27bc204ef09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:50 GMT
server: cloudflare
etag: W/"62ba8efe-a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48aivE8AT1CVPzkGcPpW8t%2BXuWYGVU%2ByGwBJzTJvOQ4b99S4x2krUcSnfgCFVk5j8ok0EjnIZdVjRz6eb1Wgq2oVuntTL3Ikv4G%2BC0JhhJNtms7%2BgC4UNJTSNUQl9eOQ7%2BxkiWeHfFV0Ml%2FFwhmVUeko"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae2905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 6 KB
2 KB 198ms
13ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4824a36f16498eb62aff9bab3a8544714401c86ddcf72a4c6ecccde0355633a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 01 Jul 2022 11:42:07 GMT
server: cloudflare
etag: W/"62bedd8f-1624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVxeqfIv60etAI6mn6yWssKjvhFNGFWcEalLrQzcz%2F3xBQndiz4a%2FCmqOfS7mLNsVIJEQ7Hu4FbCYjGL%2B%2Ftlk91e6PSm9vMhHJEdGhbBrHoyBfMFp%2FX3dahRj0hM86m6o8J33D7WX7jlxM7p85sLODEf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae3905e-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1 KB
660 B 202ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b32fc9b4985f3e7a35071bddad0ac6fef555f105476df6733c188383d76f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 15:58:58 GMT
server: cloudflare
etag: W/"62bdc842-415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqsKq7oTtRtk3o5O8J9OuX2hkMNW%2FRu9vxlwVaRfc22kztmm4P75sJc195N9HyTq7JRXjUj2hnJ%2FlYtugvCIJQ9bpKKVQ6N0%2BsmhN3N%2FyMPnKOM73x55OLS38i16Dy5fHNgYv1oarJP8nP5YMaYfBjMx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae4905e-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET
H2 200 e6d2e2da48d6b17b83273e29f6011baa.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 1759ms
301ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e6d2e2da48d6b17b83273e29f6011baa.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1b9a65581d315f2a00351beb076371cd1bcc04e2e70027ffd71c9eb9af760fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-3211"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12817
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 1a4ef8ec8330ad46a87654ec0c4fb800.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 1911ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/1a4ef8ec8330ad46a87654ec0c4fb800.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9ff173d33aa8c7937d7b1285c32e765926a8cdba28838d1b370e0d16846ef2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-2b78"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11128
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 bdc5edba581953462e07246c82aed6a6.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
12 KB 1910ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/bdc5edba581953462e07246c82aed6a6.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8256dda7c0e10aa129d11f5293b881a3ae33fdfd2efa3587dfe7e1411b8dd2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-3047"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12359
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3aa60b989dbbf640f88c9d02023cb3df.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 1910ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3aa60b989dbbf640f88c9d02023cb3df.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1bc7aa17c05e4f11524f726f795fc67af7829eac385742ddab7a1130e519c18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-343f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13375
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 8e5667465306170da84ac5c258f220d5.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 1910ms
454ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/8e5667465306170da84ac5c258f220d5.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

7932bde6be3efbf6b896b7bc23eb9edce826f29758fa58678d1bf779415c5215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-2cf8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11512
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 fec072b1a00c1bf7c1c50a7e5c79598b.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 9 KB
9 KB 1910ms
453ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/fec072b1a00c1bf7c1c50a7e5c79598b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6ec5344f5c44a6167edff3fa3b8108ad2903537afce117449e56913393f3d645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2416"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9238
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 560af84e631c871b3682196b8a891974.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 8 KB
9 KB 435ms
430ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/560af84e631c871b3682196b8a891974.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2822c5810e10ca718db95e5373226c23a6e781dabc9e4b59ff86656fa9e8f499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2170"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8560
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 8d431f8f5832a9e015fcf723ffd3e360.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
12 KB 435ms
430ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/8d431f8f5832a9e015fcf723ffd3e360.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8ea78aee5e582e98a1f4650a6f9228a2177728a2b03489a97e20697711f5d2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2e20"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11808
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 cfe0f63360deb9472d40ffc3d46a2f03.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 9 KB
9 KB 435ms
431ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/cfe0f63360deb9472d40ffc3d46a2f03.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fecc5094c2866c46cb33d93d81130c566c9b9be2a93ac45d9f5dd411f7ca0cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2266"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8806
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 4e946f3514eaef8c2ba3c288ab8da2f4.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 436ms
431ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/4e946f3514eaef8c2ba3c288ab8da2f4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

70b570eb494e3019c66ce23436eb6db207eb6119c812e6d7df319fe602bb8566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:04 GMT
server: nginx
etag: "62c3be4c-2bba"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11194
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1 KB
943 B 39ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPapy3yfG1J3mj0ctO34MOEpmemsuxh1dI5M38BBfvOR9%2BjfRCF3fk33F7x%2BQXBQULtTDLOZYchNZj0buBeyo0CINoT3iahHDEKqqRIV1vx%2BnrL8OJgvTr%2FAePMVxMjdkx20j4Rn4hP7qhXNeLDCAq%2By"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba75b50-FRA
expires: Wed, 06 Jul 2022 08:52:10 GMT

GET
H2 200 c5b2c0b15a1a8660cee30d9124434226.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 7 KB
7 KB 436ms
431ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/c5b2c0b15a1a8660cee30d9124434226.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f43e757bcb1dfcc9dd7e3385322a1459d33d102964538feec44cebe288d878ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-1c27"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7207
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 cab6319888271508db34191b4cfd6d7c.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 9 KB
10 KB 436ms
431ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/cab6319888271508db34191b4cfd6d7c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8823c51a5f4da046c2b4d0806ad0ba8ac9cd627690d96c2e846e1f27cac4db34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-25cc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9676
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 e8990b1e8d32a8ac31f553912fe51882.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
12 KB 436ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e8990b1e8d32a8ac31f553912fe51882.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d0236a0095bbc27b2afcaac11165de2da041fb9f07ea773cbd1e78ec55eb97d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-2d5f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11615
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 f887429bbf5dbaf8c03c476c0aebdae0.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 9 KB
9 KB 437ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/f887429bbf5dbaf8c03c476c0aebdae0.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5a1dc1d9b38028fd41625f1149571dc6b0fdce8b709df26d611a711c62929dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-24ee"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9454
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b94feea33462e9a641b8226a996fa7f9.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 8 KB
8 KB 437ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b94feea33462e9a641b8226a996fa7f9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

51e946229fa30a4e380fece0b73688f5c0dc91dfb0e70ccdd1ee7718c6d24564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-1f6e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8046
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 dd845107ef80821e18d918ca9d6e6dac.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 437ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/dd845107ef80821e18d918ca9d6e6dac.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

323166a54c5cbc8fe5628ca0ac050c55cad3cd054fcdebe7a4ba95982817d2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-2c84"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11396
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 4caf92054f2d9e699422109306f84742.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 437ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/4caf92054f2d9e699422109306f84742.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f33f7dd576d4074af0a303991ac4eba81aef8baf33afa563c09592afda187af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-32e1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13025
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b596e2c2b7ec6f7d93c5bce8cd1d65d7.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 438ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b596e2c2b7ec6f7d93c5bce8cd1d65d7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

66b5a20eaf9b570ac60d43b4709317d58f6017578462585d7e3ef45c238f0fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2ab4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10932
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 c27dcec7fc74e3215076c262ebd1ef45.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 8 KB
8 KB 438ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/c27dcec7fc74e3215076c262ebd1ef45.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6feced2f487ed34a4b6d7141169de06637f15aed4c52aaf7872458040ae70c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2005"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8197
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 59fdc1e63826454c0caccd57f5b3612b.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 438ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/59fdc1e63826454c0caccd57f5b3612b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

efec6af41c7d62477fea38dc132ca4966926592aeddd95cd78708f62e6f940ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2b45"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11077
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1 KB
946 B 43ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okCmH1ys8%2BvpkCqRoyusfRcVvxWsqYIX944AG%2BkmAtwCEBdnbvSHNexx6aKW%2Bmj%2FZDNY%2BHqq5R%2FW4nvKTofwcFkk7KX5jKfKxP4mcxYpaEfAKQi6bJ1eEdSDpXLxDrtu7pt9q9cOt5I%2BEkIKWjqsfVwg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26b9d5b50-FRA
expires: Wed, 06 Jul 2022 01:50:05 GMT

GET
H2 200 5ae8ab70f08dd6ee5bc071f3c7b78f02.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 438ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/5ae8ab70f08dd6ee5bc071f3c7b78f02.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2c374dee3ba8c9eff4cf02fca22a47dd138988b6059fb7ca712f6425df515275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-2bd1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11217
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b9d7b51dfa748ca691b5ae36f4749a1d.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 438ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b9d7b51dfa748ca691b5ae36f4749a1d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

66a46af46c14ee8db8b069c7f5dc6e3854f860bf3a29e40ce2f2d394d9a499c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-2b03"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11011
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 2890342d3a034262ca27818b857dc453.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 10 KB
11 KB 439ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/2890342d3a034262ca27818b857dc453.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a7f5fafaee61f31774e0b7709f92bdcc45237f937e6690f903d431b1ff9ab064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-29de"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10718
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 de47d271a384e36fe7827ed243ed590c.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 7 KB
7 KB 439ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/de47d271a384e36fe7827ed243ed590c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

eefdec112dbde7aae86afa8def477e7cb6c12afbe0fda0776b671c2fcd9f6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-1c6b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7275
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 85f42185059c56b1a020fa92a1bf0664.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 8 KB
8 KB 439ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/85f42185059c56b1a020fa92a1bf0664.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0aca9b4439594523a9bb6d8dfe97718c4e91379d44b9c2478ebff76ce705e063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-1e37"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7735
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET 1.jpg
fw.lbbf9.com//20200417/m0uMGVom/ Frame 3E3C 0
0

GET
H2 200 ea5380763456e3d486aa17ebbd34ca33.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 440ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/ea5380763456e3d486aa17ebbd34ca33.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

992a6796af71f08f10c38805a69e234a96f45cae6071a6aaf1e792ee3f357716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-33d2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13266
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 678637f04eabbfa87a0a45a153c36850.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 14 KB
14 KB 440ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/678637f04eabbfa87a0a45a153c36850.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77720b3e2e0cbd28e49c289c4a135efb52d1a938d47f3a3e65ae7634d54492b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-3835"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14389
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 a0571c8c531145d19ae9a3bdb3a1f1d9.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 14 KB
14 KB 440ms
436ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/a0571c8c531145d19ae9a3bdb3a1f1d9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c4431d5b9fbcd58aa8035364941bcb59c0ce4c601f4dee03110d2c907051ba5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-38a1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14497
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 a37558ceb48bf99f0c66073fbfdb081e.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
12 KB 440ms
436ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/a37558ceb48bf99f0c66073fbfdb081e.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

daa0108b940ac24602a833d71c9da1355b62fa0a4266432bdb316b2649851733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:22 GMT
server: nginx
etag: "62c3be5e-2ef1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12017
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1001 B
932 B 36ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7NE8dnCq5FZ51Sd9cdlgKlr38lLIsThp55%2FmaPGjY2%2B5jENxeqlLmLr4xdrpBFky1Fy9U7LOQEf%2FxMVcrrOInMVcitP6VIGLtBX%2FjjLSpJHNWcYuSCTrpbkv8DQbIG%2FH%2F6R0nftwzJsgGh%2FOvPZIx%2B8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26b9e5b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H2 200 e3af58ec4ebf1a229e4737b3c7f8739d.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 441ms
436ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e3af58ec4ebf1a229e4737b3c7f8739d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

27768dd2b31fd1d64f33d6625a7584bdfcc90dbeaf8457e26856d4eb00fb3619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:16 GMT
server: nginx
etag: "62c3be58-33bc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13244
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3c5c898713d59c19a0564f64454a5734.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
13 KB 441ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3c5c898713d59c19a0564f64454a5734.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0056cc36dee5a76974a4e416a313ff5f09d6268171faafc939496438e4161e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:16 GMT
server: nginx
etag: "62c3be58-319a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12698
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 7aa7a722b694066a5b75827a516edde4.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 14 KB
15 KB 441ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/7aa7a722b694066a5b75827a516edde4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2e39bff3d6e2d90366b74930724bf65adf90875fdf1d2672ab2412a68084ffe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-39b7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14775
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 ba47b55a7da7e0fd5497dd414e190fdb.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 10 KB
10 KB 441ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/ba47b55a7da7e0fd5497dd414e190fdb.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63beba70a969d813ac36a9065098f77e3dca1d485e96b1dce04c069a60421c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-27e8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10216
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 f2105c814c73b6782f874c5ceb0c8963.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
13 KB 442ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/f2105c814c73b6782f874c5ceb0c8963.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

49b843e9a2a2c23c997b523779f038d188d816dc8d7e454e6bb1f94c68d96fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-312b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12587
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 73fa9460efa7959414e46c0185b6cc42.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 10 KB
10 KB 442ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/73fa9460efa7959414e46c0185b6cc42.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

934327e898ed908ca9cd5449ce2c14255c449b7b7d0581f86e664d0dc70433ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-2866"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10342
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 684cf68eabc51a2e910bef7401cadc30.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 12 KB
12 KB 442ms
438ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/684cf68eabc51a2e910bef7401cadc30.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e3a43def176bfbf1b908ba64094cbbb737c4fc3190ac21f8cc831ce01e270bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2ea8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11944
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 73274b379c7585098537d8e5798a4abd.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 444ms
440ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/73274b379c7585098537d8e5798a4abd.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ad7cdc4e6afc36ac4ad930e804984b16c80584e67e665992bd6a74e5cfb0d957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2b51"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11089
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3adf8640c97ca624ac3ae1e96dccd798.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 11 KB
11 KB 444ms
440ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3adf8640c97ca624ac3ae1e96dccd798.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1497a3f9f862fee68b149f8dccb052c01a3f84595bd3ddb8abc875da2c6846ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2c0e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11278
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 df172dd319b50b801845ea5e12f63814.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame 3E3C 13 KB
13 KB 445ms
440ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/df172dd319b50b801845ea5e12f63814.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

579cc45d45fdef6b59083c501cbe457ac315c57b2e6343ad67555c27ec3e5ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-322b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12843
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1002 B
966 B 35ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14999
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvTVmk7um%2B7jm28uED5TZiwgTt8JBYJQR9Of4N1GUpeaU%2Fel18LpYA3Q40jNznLIdDn66SXa07ZSnm2GdUQuiF%2BW3d0JDuyDhwyG%2BL0DNUrQY43wcdLo9qvn8cC0Ib1g1M%2BOK3l2S6kta6MCVxIQkZRI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26b995b50-FRA
expires: Wed, 06 Jul 2022 08:52:11 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3E3C 12 KB
13 KB 445ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3E3C 14 KB
14 KB 445ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame 3E3C 15 KB
15 KB 445ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3E3C 32 KB
32 KB 446ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3E3C 33 KB
33 KB 446ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame 3E3C 23 KB
23 KB 446ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3E3C 12 KB
12 KB 446ms
441ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3E3C 18 KB
18 KB 447ms
442ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame 3E3C 75 KB
75 KB 447ms
442ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 55f2e1214732097f562ed85779e1649b.jpg
www.gg123456789gg.com//upload/vod/20220514-1/ Frame 3E3C 48 KB
48 KB 447ms
442ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sat, 14 May 2022 04:30:23 GMT
server: nginx
etag: "627f305f-be75"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48757
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 415 B
836 B 42ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37309
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-19f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va5AynIolTDViI1RWPnXlRvVeAP1rlpiDnrtJvIFwk4qT%2BFIu4SogeiQRv5WLAuxLx59w0opqOd4KnbD%2BpfUBpi2MrcTOa6lUQNfdWW9ZEgBRaeiR%2Ff5Dl%2BKRNVbisqclhUvk8KWBA5jBn6ws03cl91c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bac5b50-FRA
expires: Wed, 06 Jul 2022 02:40:21 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 433 B
862 B 40ms
19ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mExQQJ2ziisWoaxAY92OzhayA6eVPAspgvRroZ%2FIZkzL%2BQhCh4TpIEJnyECOjuMEd4zD21CnLzEDWvb1Kh6xLU2FcHAN5VQSRSMp3NN7DJWIm25%2F%2FQc%2B%2BfLEwiWNqBQVW1oPKHfCdN43LdczJcSqp0X5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bab5b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 951 B
896 B 47ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
server: cloudflare
etag: W/"62a9711e-3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZDAo4MeRSZQNK8wjwvSwYycGwcR2d4JntMhI981ELdIuE%2FBDHcXJlxsDKi7Hm55PWldXzC55cn4qAqGT9ZG59EGSn2fB6XhjwlOcx1OFMrmQg0FCwzihbNXyTW%2Bi%2BjjaB8XZOabn3ZQN8vp695L6RSn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba95b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 3 KB
1 KB 39ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8d4dd0943c25974a96510cfb34e333351b9939d9431c4482e27bc204ef09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12431
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:54 GMT
server: cloudflare
etag: W/"62ba8f02-a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DvgGPcJIU6nCwaT8jZgswDrVDgeZkW19GBSzm%2FhjHK2%2BG9WKRvxQh%2FnHsFkNlD6vmaRzLKn7fRQFK5vgiUn9VktRwpDOg7NtjYelPSdUAvFcaMFWMiQkyrGw1UXhw5dOGUGouBqo71vVLH45GPJzfan"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26baa5b50-FRA
expires: Wed, 06 Jul 2022 09:34:59 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 1 KB
1 KB 40ms
20ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38460
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
server: cloudflare
etag: W/"623976e8-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3n3yeas%2B%2FL9AWwDFtH%2FK5%2F1mBu74YqtJOVl9ISCH3GhhzYRGvKuw6RTar8BBlefomEzxwMT%2F4HjAxpfNPHLEKzDH3X502L8Ad60d7pom3mhCb4QwwZoYBoFsv4C2VX%2FZZV247kDJc5TH5YbyK5zJ6TE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba85b50-FRA
expires: Wed, 06 Jul 2022 02:21:10 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame 3E3C 5 KB
3 KB 204ms
187ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3 200 ate.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame F2C2 74 KB
5 KB 19ms
19ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/ate.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4234
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 19 Dec 2021 02:38:44 GMT
server: cloudflare
etag: W/"61be9b34-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8futXZfWU2Dulxi9uJTasMQTLi2CHygtuXE7%2BAXeL3i5e7uteJrVMbkhLJun5FxYauSsZs7BJM1KdMwq3vPXZoMWi8SnPorMW0qXb50ohNS%2FjtvuVNLFRtuRe6FgrLcuc%2FtsEkJdAG2uh%2Fb1RjnQJWXMqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d1cde09143-FRA
expires: Wed, 06 Jul 2022 11:51:36 GMT

GET
H3 200 zui.css
klx42.zhgm8jglhk.com/template/m1938pc/css/ Frame F2C2 84 KB
16 KB 20ms
18ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 14:12:08 GMT
server: cloudflare
etag: W/"623f1f38-14f3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiXBQ%2FmjKy7Us7DAItC2bBkFCHn1ocvaie2sATxQEEpxaRmVoxmKoOWp%2BN%2FKK8NrUTmHs56byoSn%2BeooCndwbJWTOKS%2F7Xp7g0JPBPEwxQF0PSmL5WHOD4MjwIRtqiVzjBYWAgTUD2TaNueQNbuHYCVdGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d1cde29143-FRA
expires: Wed, 06 Jul 2022 11:54:04 GMT

GET
H2 200 xx1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 3 KB
1 KB 80ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b2abb7a7f617b00663793c14e0ab02ada1d9bbbd33eece9f00502c3b79763ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:40 GMT
server: cloudflare
etag: W/"62ba8ef4-d27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNP7b6cuKlu%2FD34BOPlPz6cYg8%2BiREFMRwGpajAMZUo5hX%2FJZG73WzAHdFLac4%2Fl5Riom1Uatl8QjkebCw1DLLeVpLm%2FdbPmpgZL%2FXlVuyVi0NqhzvoB9g%2FMpl8YXZ7KIyS8qU8vZM%2BwmrXufkmz%2FU5H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d22af4905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 dh1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 2 KB
838 B 78ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDEojai3qkcHfmeEdf7CIXgjLxAlua9CeDmcn3%2F7zVcUSM4D7fBdMVMqEgEGeKOGcxCc3j4vK0Gak3AddZ1pmzOjHZG6KyVJ4LM1oJuteL18Yz2w4FG%2BlpDb6SD7wsXTpxvOdQTCO7YnOfA03jHLNgqT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d22af2905e-FRA
expires: Wed, 06 Jul 2022 12:05:38 GMT

GET
H2 200 dh.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 11 KB
1 KB 77ms
20ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/dh.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a10767e7f0217734697d6d907d95936dc5be955ba28cd7e311deda7573ff5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 15:58:58 GMT
server: cloudflare
etag: W/"62bdc842-2a9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY81NBJ7YMR4tEhXkqxkOHRvktbaysgfhGNxdwkVXrxFX7jJRfxfY55Capdr0nfmSKviKgSK5SyC97yTB4mJltIkfjGM78%2B6yuaCbNHGnBtHzcDYIzwmKkX%2Bz1PAOsVcNBMjj8Qz6KeoT2fGzh%2FLdccJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae6905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 xx2.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 3 KB
881 B 80ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8d4dd0943c25974a96510cfb34e333351b9939d9431c4482e27bc204ef09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:50 GMT
server: cloudflare
etag: W/"62ba8efe-a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTXVbJ%2BDQcpo8A%2B4PtwPXyEHIm%2Bn8AYz9lRXZZ9oFMDRRr18N0SyeOOqgLQE6p08jjMRX%2FE4V3ujq%2BE3BGkoqfXSc%2BkW%2FU2uiUOsoR%2FHXGtAXof%2FGUv9TOs2s5wY7rHvRWPQi5cH94w7ju1LgwuFFVTL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d22af7905e-FRA
expires: Wed, 06 Jul 2022 05:09:30 GMT

GET
H2 200 xtb.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 6 KB
1 KB 71ms
14ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4824a36f16498eb62aff9bab3a8544714401c86ddcf72a4c6ecccde0355633a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 01 Jul 2022 11:42:07 GMT
server: cloudflare
etag: W/"62bedd8f-1624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IjxmOrIJnwCmJtQMCj%2FWfN6KYjCpDRG6XZ0WbWa4lH6MXv6jEEIpSCmLEqx80xEJxSpRdd5%2FIR6jzB%2Bx%2FrKCXNBYTAFGsyo0h5g6FZj%2BSlz7dlsyrB6tqfek9c%2FNh8CHUM%2FJCTpJNcX%2BOZTndlE7%2F%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d21ae5905e-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET
H2 200 250.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1 KB
650 B 81ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b32fc9b4985f3e7a35071bddad0ac6fef555f105476df6733c188383d76f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 15:58:58 GMT
server: cloudflare
etag: W/"62bdc842-415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BfEdbAVTlwjg5yg%2Ba4DXyx%2FkJY5Oruf161BVfp%2BUdT%2F53a73ZzgacrCTA9PG2Ndd7AsQ3086q1CBMnQFOLCkheeYDesCwmRoawH4OOH%2FoarEFZhsTU567y4uJXeraOrcthHfv7ssekGvt30OS6oYk6y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d22af5905e-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET
H2 200 e6d2e2da48d6b17b83273e29f6011baa.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 1779ms
449ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e6d2e2da48d6b17b83273e29f6011baa.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1b9a65581d315f2a00351beb076371cd1bcc04e2e70027ffd71c9eb9af760fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-3211"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12817
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 1a4ef8ec8330ad46a87654ec0c4fb800.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 1631ms
301ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/1a4ef8ec8330ad46a87654ec0c4fb800.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9ff173d33aa8c7937d7b1285c32e765926a8cdba28838d1b370e0d16846ef2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-2b78"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11128
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 bdc5edba581953462e07246c82aed6a6.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
12 KB 1782ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/bdc5edba581953462e07246c82aed6a6.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8256dda7c0e10aa129d11f5293b881a3ae33fdfd2efa3587dfe7e1411b8dd2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-3047"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12359
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3aa60b989dbbf640f88c9d02023cb3df.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 1781ms
452ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3aa60b989dbbf640f88c9d02023cb3df.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1bc7aa17c05e4f11524f726f795fc67af7829eac385742ddab7a1130e519c18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-343f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13375
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 8e5667465306170da84ac5c258f220d5.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 1781ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/8e5667465306170da84ac5c258f220d5.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

7932bde6be3efbf6b896b7bc23eb9edce826f29758fa58678d1bf779415c5215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:06 GMT
server: nginx
etag: "62c3be4e-2cf8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11512
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 fec072b1a00c1bf7c1c50a7e5c79598b.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 9 KB
9 KB 1780ms
451ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/fec072b1a00c1bf7c1c50a7e5c79598b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6ec5344f5c44a6167edff3fa3b8108ad2903537afce117449e56913393f3d645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2416"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9238
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 560af84e631c871b3682196b8a891974.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 8 KB
9 KB 440ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/560af84e631c871b3682196b8a891974.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2822c5810e10ca718db95e5373226c23a6e781dabc9e4b59ff86656fa9e8f499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2170"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8560
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 8d431f8f5832a9e015fcf723ffd3e360.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
12 KB 440ms
432ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/8d431f8f5832a9e015fcf723ffd3e360.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8ea78aee5e582e98a1f4650a6f9228a2177728a2b03489a97e20697711f5d2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2e20"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11808
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 cfe0f63360deb9472d40ffc3d46a2f03.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 9 KB
9 KB 440ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/cfe0f63360deb9472d40ffc3d46a2f03.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

fecc5094c2866c46cb33d93d81130c566c9b9be2a93ac45d9f5dd411f7ca0cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:05 GMT
server: nginx
etag: "62c3be4d-2266"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8806
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 4e946f3514eaef8c2ba3c288ab8da2f4.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 441ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/4e946f3514eaef8c2ba3c288ab8da2f4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

70b570eb494e3019c66ce23436eb6db207eb6119c812e6d7df319fe602bb8566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:04 GMT
server: nginx
etag: "62c3be4c-2bba"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11194
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 251.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1 KB
947 B 38ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrBxJbXpnR%2BSqmw444mKNbsZsLXFzLPlJEunqgqXIKKHGSt5Q06g%2F5ph0Jw6G9ialgwq8XRvQjhfKMwE7Oz5%2BYGkL%2BhtE%2BQOxwqYnGk7BsNyXxHRb1t9q92laRrJ%2F1%2Bd6RQkhsmYpDAOkN5R7tg8DwAB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bad5b50-FRA
expires: Wed, 06 Jul 2022 08:52:10 GMT

GET
H2 200 c5b2c0b15a1a8660cee30d9124434226.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 7 KB
7 KB 441ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/c5b2c0b15a1a8660cee30d9124434226.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f43e757bcb1dfcc9dd7e3385322a1459d33d102964538feec44cebe288d878ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-1c27"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7207
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 cab6319888271508db34191b4cfd6d7c.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 9 KB
10 KB 441ms
433ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/cab6319888271508db34191b4cfd6d7c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

8823c51a5f4da046c2b4d0806ad0ba8ac9cd627690d96c2e846e1f27cac4db34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-25cc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9676
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 e8990b1e8d32a8ac31f553912fe51882.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
12 KB 441ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e8990b1e8d32a8ac31f553912fe51882.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d0236a0095bbc27b2afcaac11165de2da041fb9f07ea773cbd1e78ec55eb97d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:11 GMT
server: nginx
etag: "62c3be53-2d5f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11615
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 f887429bbf5dbaf8c03c476c0aebdae0.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 9 KB
9 KB 441ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/f887429bbf5dbaf8c03c476c0aebdae0.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

5a1dc1d9b38028fd41625f1149571dc6b0fdce8b709df26d611a711c62929dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-24ee"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9454
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b94feea33462e9a641b8226a996fa7f9.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 8 KB
8 KB 442ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b94feea33462e9a641b8226a996fa7f9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

51e946229fa30a4e380fece0b73688f5c0dc91dfb0e70ccdd1ee7718c6d24564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-1f6e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8046
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 dd845107ef80821e18d918ca9d6e6dac.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 442ms
434ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/dd845107ef80821e18d918ca9d6e6dac.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

323166a54c5cbc8fe5628ca0ac050c55cad3cd054fcdebe7a4ba95982817d2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-2c84"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11396
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 4caf92054f2d9e699422109306f84742.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 442ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/4caf92054f2d9e699422109306f84742.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

f33f7dd576d4074af0a303991ac4eba81aef8baf33afa563c09592afda187af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:10 GMT
server: nginx
etag: "62c3be52-32e1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13025
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b596e2c2b7ec6f7d93c5bce8cd1d65d7.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 442ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b596e2c2b7ec6f7d93c5bce8cd1d65d7.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

66b5a20eaf9b570ac60d43b4709317d58f6017578462585d7e3ef45c238f0fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2ab4"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10932
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 c27dcec7fc74e3215076c262ebd1ef45.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 8 KB
8 KB 442ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/c27dcec7fc74e3215076c262ebd1ef45.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

6feced2f487ed34a4b6d7141169de06637f15aed4c52aaf7872458040ae70c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2005"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8197
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 59fdc1e63826454c0caccd57f5b3612b.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 443ms
435ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/59fdc1e63826454c0caccd57f5b3612b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

efec6af41c7d62477fea38dc132ca4966926592aeddd95cd78708f62e6f940ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:09 GMT
server: nginx
etag: "62c3be51-2b45"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11077
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 252.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1 KB
949 B 40ms
20ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 18 Jun 2022 09:31:58 GMT
server: cloudflare
etag: W/"62ad9b8e-40f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QLk32AYiVNjKk%2BVR9JmDrwKifuJkre%2BhKn6EA72TSI0tM%2Fl1D5crW0fCAFeEm9DOFObr3NRhWTxNjCZEbIb%2BI3%2Bs2%2F%2FPV0IFlc2nM0%2B%2BAYPYsx1xj8BlR3rpg7nQYs7UA7DtOoiO%2BYElJmlxpDIemPy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bae5b50-FRA
expires: Wed, 06 Jul 2022 01:50:05 GMT

GET
H2 200 5ae8ab70f08dd6ee5bc071f3c7b78f02.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 443ms
436ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/5ae8ab70f08dd6ee5bc071f3c7b78f02.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2c374dee3ba8c9eff4cf02fca22a47dd138988b6059fb7ca712f6425df515275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-2bd1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11217
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b9d7b51dfa748ca691b5ae36f4749a1d.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 443ms
436ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/b9d7b51dfa748ca691b5ae36f4749a1d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

66a46af46c14ee8db8b069c7f5dc6e3854f860bf3a29e40ce2f2d394d9a499c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-2b03"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11011
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 2890342d3a034262ca27818b857dc453.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 10 KB
11 KB 444ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/2890342d3a034262ca27818b857dc453.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a7f5fafaee61f31774e0b7709f92bdcc45237f937e6690f903d431b1ff9ab064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-29de"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10718
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 de47d271a384e36fe7827ed243ed590c.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 7 KB
7 KB 444ms
437ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/de47d271a384e36fe7827ed243ed590c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

eefdec112dbde7aae86afa8def477e7cb6c12afbe0fda0776b671c2fcd9f6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:24 GMT
server: nginx
etag: "62c3be60-1c6b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7275
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 85f42185059c56b1a020fa92a1bf0664.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 8 KB
8 KB 445ms
438ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/85f42185059c56b1a020fa92a1bf0664.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0aca9b4439594523a9bb6d8dfe97718c4e91379d44b9c2478ebff76ce705e063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-1e37"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7735
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET 1.jpg
fw.lbbf9.com//20200417/m0uMGVom/ Frame F2C2 0
0

GET
H2 200 ea5380763456e3d486aa17ebbd34ca33.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 444ms
438ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/ea5380763456e3d486aa17ebbd34ca33.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

992a6796af71f08f10c38805a69e234a96f45cae6071a6aaf1e792ee3f357716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-33d2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13266
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 678637f04eabbfa87a0a45a153c36850.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 14 KB
14 KB 445ms
438ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/678637f04eabbfa87a0a45a153c36850.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

77720b3e2e0cbd28e49c289c4a135efb52d1a938d47f3a3e65ae7634d54492b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-3835"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14389
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 a0571c8c531145d19ae9a3bdb3a1f1d9.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 14 KB
14 KB 483ms
477ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/a0571c8c531145d19ae9a3bdb3a1f1d9.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c4431d5b9fbcd58aa8035364941bcb59c0ce4c601f4dee03110d2c907051ba5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:23 GMT
server: nginx
etag: "62c3be5f-38a1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14497
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 a37558ceb48bf99f0c66073fbfdb081e.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
12 KB 484ms
478ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/a37558ceb48bf99f0c66073fbfdb081e.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

daa0108b940ac24602a833d71c9da1355b62fa0a4266432bdb316b2649851733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:22 GMT
server: nginx
etag: "62c3be5e-2ef1"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12017
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 253.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1001 B
928 B 47ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pU70RStkKGaj1d%2BaqAWees%2B4gh%2B32d5MtdAF0emnx9Eu%2FFps05dqEt5BfuqvGbBL%2BFl4hox0%2B7QIc2MebHdf23rBpMhHDnd4sP8Xame6UKjbZ0%2B37Vd3OhqI2Qqx%2BdlUlmO4pPjmS8gXtxJoPOJ2UFb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bb05b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H2 200 e3af58ec4ebf1a229e4737b3c7f8739d.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 485ms
478ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/e3af58ec4ebf1a229e4737b3c7f8739d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

27768dd2b31fd1d64f33d6625a7584bdfcc90dbeaf8457e26856d4eb00fb3619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:16 GMT
server: nginx
etag: "62c3be58-33bc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13244
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3c5c898713d59c19a0564f64454a5734.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
13 KB 485ms
479ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3c5c898713d59c19a0564f64454a5734.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0056cc36dee5a76974a4e416a313ff5f09d6268171faafc939496438e4161e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:16 GMT
server: nginx
etag: "62c3be58-319a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12698
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 7aa7a722b694066a5b75827a516edde4.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 14 KB
15 KB 485ms
479ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/7aa7a722b694066a5b75827a516edde4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

2e39bff3d6e2d90366b74930724bf65adf90875fdf1d2672ab2412a68084ffe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-39b7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14775
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 ba47b55a7da7e0fd5497dd414e190fdb.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 10 KB
10 KB 486ms
479ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/ba47b55a7da7e0fd5497dd414e190fdb.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

63beba70a969d813ac36a9065098f77e3dca1d485e96b1dce04c069a60421c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-27e8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10216
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 f2105c814c73b6782f874c5ceb0c8963.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
13 KB 486ms
480ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/f2105c814c73b6782f874c5ceb0c8963.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

49b843e9a2a2c23c997b523779f038d188d816dc8d7e454e6bb1f94c68d96fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-312b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12587
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 73fa9460efa7959414e46c0185b6cc42.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 10 KB
10 KB 486ms
480ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/73fa9460efa7959414e46c0185b6cc42.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

934327e898ed908ca9cd5449ce2c14255c449b7b7d0581f86e664d0dc70433ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:15 GMT
server: nginx
etag: "62c3be57-2866"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10342
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 684cf68eabc51a2e910bef7401cadc30.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 12 KB
12 KB 487ms
480ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/684cf68eabc51a2e910bef7401cadc30.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e3a43def176bfbf1b908ba64094cbbb737c4fc3190ac21f8cc831ce01e270bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2ea8"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11944
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 73274b379c7585098537d8e5798a4abd.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 487ms
481ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/73274b379c7585098537d8e5798a4abd.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

ad7cdc4e6afc36ac4ad930e804984b16c80584e67e665992bd6a74e5cfb0d957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2b51"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11089
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3adf8640c97ca624ac3ae1e96dccd798.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 11 KB
11 KB 487ms
481ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/3adf8640c97ca624ac3ae1e96dccd798.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

1497a3f9f862fee68b149f8dccb052c01a3f84595bd3ddb8abc875da2c6846ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-2c0e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11278
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 df172dd319b50b801845ea5e12f63814.jpg
www.gg123456789gg.com//upload/vod/20220705-1/ Frame F2C2 13 KB
13 KB 487ms
481ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220705-1/df172dd319b50b801845ea5e12f63814.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

579cc45d45fdef6b59083c501cbe457ac315c57b2e6343ad67555c27ec3e5ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Tue, 05 Jul 2022 04:30:14 GMT
server: nginx
etag: "62c3be56-322b"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12843
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 254.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1002 B
932 B 48ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14999
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7yUtQH6ie2%2B%2F%2FWz3i5LfJRLonPDIb8hkhhu8DKbeBEJxfXxF8jHSMEZTWMUikyIiVuD9cJKYMmG5cP92fk2eXrWO05hE3j3pvhd6K%2Fe1VI1J42DLfOxdcR7hmpU5D%2FV8%2BFhz7WdkzdXsdO61xYdsmth"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26bb15b50-FRA
expires: Wed, 06 Jul 2022 08:52:11 GMT

GET
H2 200 51c4873e0809d56be0fce8d3f67c389a.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame F2C2 12 KB
13 KB 488ms
482ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/51c4873e0809d56be0fce8d3f67c389a.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3154"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12628
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 d7aae5cd95abf917a164034caf87219d.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame F2C2 14 KB
14 KB 488ms
482ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/d7aae5cd95abf917a164034caf87219d.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:19 GMT
server: nginx
etag: "6295457b-3741"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14145
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 bbedf0d044382a6f05172a4e45bc5752.jpg
www.gg123456789gg.com//upload/vod/20220531-1/ Frame F2C2 15 KB
15 KB 488ms
482ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220531-1/bbedf0d044382a6f05172a4e45bc5752.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 30 May 2022 22:30:20 GMT
server: nginx
etag: "6295457c-3bfd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15357
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 25b53882b68945b6ea9430cd4295982c.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame F2C2 32 KB
32 KB 488ms
482ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/25b53882b68945b6ea9430cd4295982c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-800a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32778
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 775ea27fcc79d57b47c0daa2231eeddf.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame F2C2 33 KB
33 KB 488ms
483ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/775ea27fcc79d57b47c0daa2231eeddf.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-8362"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33634
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 2c88d74092f9c5084b88232d74335828.jpg
www.gg123456789gg.com//upload/vod/20220516-1/ Frame F2C2 23 KB
23 KB 489ms
483ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220516-1/2c88d74092f9c5084b88232d74335828.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Mon, 16 May 2022 04:30:15 GMT
server: nginx
etag: "6281d357-5ba6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23462
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 3e6a21934a0acf4dc40c6faaa80e31e4.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame F2C2 12 KB
12 KB 489ms
483ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/3e6a21934a0acf4dc40c6faaa80e31e4.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-3041"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12353
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 b4849c7ed812f3e4b1e6d9ca08467f8c.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame F2C2 18 KB
18 KB 489ms
483ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/b4849c7ed812f3e4b1e6d9ca08467f8c.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:18 GMT
server: nginx
etag: "628081da-46c7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18119
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 10d13a7170bdc910487afba5201cbbb3.jpg
www.gg123456789gg.com//upload/vod/20220515-1/ Frame F2C2 75 KB
75 KB 491ms
485ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220515-1/10d13a7170bdc910487afba5201cbbb3.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sun, 15 May 2022 04:30:19 GMT
server: nginx
etag: "628081db-12a73"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76403
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 55f2e1214732097f562ed85779e1649b.jpg
www.gg123456789gg.com//upload/vod/20220514-1/ Frame F2C2 48 KB
48 KB 492ms
486ms Image
image/jpeg 136.0.141.5
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gg123456789gg.com//upload/vod/20220514-1/55f2e1214732097f562ed85779e1649b.jpg

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.0.141.5 , United States, ASN18779 (EGIHOSTING, US),

Reverse DNS

Software

nginx /

Resource Hash

0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Sat, 14 May 2022 04:30:23 GMT
server: nginx
etag: "627f305f-be75"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48757
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H3 200 wz.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 415 B
837 B 41ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37309
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-19f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FCuhGcuR6BDN5uU07MYTuei6cLCPa%2FjhEcVe82SGGsb4OTAFD10cKCimbeVlS%2B3FxSIPRXNhe7g42xXnyU2JhbaymeE28OYkfBOL20g8x5VJPC9BHO7LuIFeNwDorAkgqw9rQ%2FJ9KUJcZap8D9q%2F4Mk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba05b50-FRA
expires: Wed, 06 Jul 2022 02:40:21 GMT

GET
H3 200 wz1.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 433 B
854 B 46ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/wz1.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 18:27:45 GMT
server: cloudflare
etag: W/"62868c21-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uEzgX2wfEw4PDQvmmPlXqP0qHR7XaFJK9NsgdDpA8XEhc8p2fjMpDhQ1m0P2wegLSvaBj9xDggwjfoL2cMwQJ5dvwVlloDHjAZu8lnaHf1WbCUb24wCBeQk6TYkmOgrbDbZj%2F8njAni0hMMsZd7OSqM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba15b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H3 200 zylm.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 951 B
891 B 45ms
25ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/zylm.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Jun 2022 05:41:50 GMT
server: cloudflare
etag: W/"62a9711e-3b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4muOi7lisa7SHdtnUhuaWkQVgesAgAsHnLoeFD0Sy9q6D3SWgXd%2BvuxC72fbGMfo3E4x8XYUz%2F5rA6doUsv2jyftcjXRus%2B3aZLUOHjLa8q4EzValoft%2BvFu8a0bCVsmi6pmRqPhActhbGO1dUASjl2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba25b50-FRA
expires: Wed, 06 Jul 2022 07:57:34 GMT

GET
H3 200 xx3.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 3 KB
1 KB 37ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8d4dd0943c25974a96510cfb34e333351b9939d9431c4482e27bc204ef09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12431
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 05:17:54 GMT
server: cloudflare
etag: W/"62ba8f02-a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCjfEBy6Ffgis%2Fnou5qjjSfuJNkQfEBmhSWtrg5yYPwelH7O4TRnga2iiXbOTvt27vk7BVVM%2FsAJvdn1kTwkxGXK%2F9ubFotcAKyhjH8OPG0dG3SbYzLQ4gZ6SRzi4GvABKeaKBsMgNLiFkg9wJ7wIZdV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba45b50-FRA
expires: Wed, 06 Jul 2022 09:34:59 GMT

GET
H3 200 foot.js Show response
lb.learning8809.com/yPS7hqfHgkFauS2djb/ Frame F2C2 1 KB
1 KB 49ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/foot.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38460
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Mar 2022 07:12:40 GMT
server: cloudflare
etag: W/"623976e8-445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBXykLgeuAKD8oI6zGzZ2itwoYbHMz3bE%2FoDyH7%2FdqMBmrXsdtqRgq9CIJEbIZ82XPaOiaH64xnMFfCwWD%2BXOzwoZHTZNxcaKN7TAzSt9jZKwCBsz4nO9CXO8lXcZdRxJJnux7SACPEl0RfLe6FKKnFb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 726469d26ba55b50-FRA
expires: Wed, 06 Jul 2022 02:21:10 GMT

GET
H/1.1 200
OK 21278765.js Show response
js.users.51.la/ Frame F2C2 5 KB
3 KB 263ms
184ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21278765.js
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame 3E3C 118 KB
118 KB 1168ms
451ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame 3E3C 280 KB
278 KB 947ms
451ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame 3E3C 205 KB
205 KB 1805ms
456ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame 3E3C 625 KB
626 KB 1921ms
147ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame 3E3C 414 KB
414 KB 2525ms
151ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame 3E3C 351 KB
351 KB 2498ms
147ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame 3E3C 247 KB
248 KB 1895ms
146ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame 3E3C 175 KB
176 KB 1537ms
211ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame 3E3C 219 KB
219 KB 1016ms
491ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame F2C2 118 KB
118 KB 1167ms
454ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame F2C2 280 KB
278 KB 1011ms
450ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame F2C2 205 KB
205 KB 1729ms
450ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame F2C2 625 KB
626 KB 2484ms
142ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame F2C2 414 KB
414 KB 2457ms
143ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame F2C2 351 KB
351 KB 2291ms
148ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame F2C2 247 KB
248 KB 1681ms
145ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame F2C2 175 KB
176 KB 1793ms
681ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame F2C2 219 KB
219 KB 1200ms
889ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame 3E3C 118 KB
118 KB 1071ms
457ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame 3E3C 280 KB
278 KB 1043ms
449ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame 3E3C 205 KB
205 KB 1705ms
457ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame 3E3C 625 KB
626 KB 2514ms
143ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame 3E3C 414 KB
414 KB 2433ms
150ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame 3E3C 351 KB
351 KB 2407ms
148ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame 3E3C 247 KB
248 KB 1802ms
144ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame 3E3C 175 KB
176 KB 1913ms
679ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame 3E3C 219 KB
219 KB 1322ms
890ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame 3E3C 3 KB
1 KB 75ms
15ms Stylesheet
text/css 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
server: cloudflare
etag: W/"62bc1e37-c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vTsWyBBd8H42dX2AOSr9m19gftmuLJt4wFNj0S45PpYHcNifIt6wHhjIf8CdGlVmIkYrfo2q2I%2FRj5%2FC%2FY6uixLiP99jfcKkbPjy6RxmajLI1WsF33t3rumk2Zt%2B%2ByPrkdwIJaW1%2F7q6WwgDKdrpvLV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d35cb9918c-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame 3E3C 0
0

GET 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame 3E3C 0
0

GET 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame 3E3C 0
0

GET 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame 3E3C 0
0

GET ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame 3E3C 0
0

GET ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame 3E3C 0
0

GET b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame 3E3C 0
0

GET anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame 3E3C 0
0

GET 200200.gif
taiwtp1.com/img/ Frame 3E3C 0
0

GET zbcpa2.png
tk.learning8808.com/images/ Frame 3E3C 0
0

GET 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 3E3C 0
0

GET %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame 3E3C 0
0

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame F2C2 118 KB
118 KB 927ms
450ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame F2C2 280 KB
278 KB 706ms
449ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame F2C2 205 KB
205 KB 1559ms
449ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame F2C2 625 KB
626 KB 1682ms
147ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame F2C2 414 KB
414 KB 2312ms
151ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame F2C2 351 KB
351 KB 2288ms
149ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame F2C2 247 KB
248 KB 1680ms
145ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame F2C2 175 KB
176 KB 1792ms
680ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame F2C2 219 KB
219 KB 1200ms
889ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H2 200 gg.css
sb.learning8808.com/yPS7hqfHgkFauS2djb/ Frame F2C2 3 KB
1 KB 74ms
18ms Stylesheet
text/css 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.learning8808.com/yPS7hqfHgkFauS2djb/gg.css
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xtb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Jun 2022 09:41:11 GMT
server: cloudflare
etag: W/"62bc1e37-c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNHiOauwnI7I3og9hbuZHA3rlP1T3UxqFtcsKqznCyTmRd4je7k0bMa6mAngHMyPwEukI3RpmHtYlZH27qyDyF7zIGzmoIz9EDzZdcdBLYNrDi8OvLnSds6iefiITvh6T9ct5ZBqM1DdKund3UQHtU5Y"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 726469d35cbb918c-FRA
expires: Wed, 06 Jul 2022 04:58:32 GMT

GET 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame F2C2 0
0

GET 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame F2C2 0
0

GET 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame F2C2 0
0

GET 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame F2C2 0
0

GET ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame F2C2 0
0

GET ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame F2C2 0
0

GET b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame F2C2 0
0

GET anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame F2C2 0
0

GET 200200.gif
taiwtp1.com/img/ Frame F2C2 0
0

GET zbcpa2.png
tk.learning8808.com/images/ Frame F2C2 0
0

GET 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame F2C2 0
0

GET %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame F2C2 0
0

GET
H/1.1 200
OK 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame 3E3C 39 KB
39 KB 954ms
382ms Image
image/png 104.208.85.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.208.85.134 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2971-9c77"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame 3E3C 27 KB
27 KB 955ms
384ms Image
image/png 104.208.85.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.208.85.134 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:37 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2991-6a00"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame 3E3C 50 KB
50 KB 902ms
450ms Image
image/png 20.210.89.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.210.89.45 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:58 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc29a6-c7f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame 3E3C 189 KB
190 KB 3852ms
144ms Image
image/gif 45.61.212.223
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.223 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 08:43:53 GMT
Last-Modified: Wed, 29 Jun 2022 10:21:40 GMT
Server: nginx
ETag: "62bc27b4-2f5d2"
X-Cache: HIT from cloud-us3-cdnb-23
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 194002

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame 3E3C 118 KB
118 KB 2564ms
146ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 11:50:04 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H/1.1 200
OK ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame 3E3C 29 KB
29 KB 2389ms
148ms Image
image/gif 103.170.15.107
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.107 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 14:49:46 GMT
Last-Modified: Wed, 29 Jun 2022 14:31:29 GMT
Server: nginx
ETag: "62bc6241-748c"
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
H/1.1 200
OK b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame 3E3C 13 KB
13 KB 1895ms
153ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 07:09:31 GMT
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Server: nginx
ETag: "62bbfa98-34d1"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13521

GET
H2 200 anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame 3E3C 268 KB
268 KB 1804ms
681ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 01 Jul 2022 11:37:12 GMT
server: nginx
etag: "62bedc68-42fd9"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 274393
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame 3E3C 73 KB
74 KB 1212ms
889ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H2 200 zbcpa2.png
tk.learning8808.com/images/ Frame 3E3C 158 KB
158 KB 48ms
27ms Image
image/png 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN5D4fLajdC29M7bINjCM0nnx3mpNYQvLM56l1Ml73qa9VyezJco95tPN%2Btp52rHiyuco85c41WKYNcy1d3ODICNVtI3PKkxwz4zL2Hihujz5VgtR4o252nQpm6%2Bi3ZXr1jK4%2FEw9KuHmlFeTAJKdDPU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd44918c-FRA
expires: Wed, 27 Jul 2022 21:11:06 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 3E3C 292 KB
292 KB 1002ms
311ms Image
image/gif 47.75.19.85
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.85 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 06 Jul 2022 01:02:11 GMT
x-oss-request-id: 62C4DF13E46B1637356F8E05
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 1

GET
H2 200 %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame 3E3C 160 KB
160 KB 613ms
286ms Image
image/gif 162.209.201.60
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.201.60 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
last-modified: Mon, 26 Apr 2021 12:13:41 GMT
server: nginx
etag: "6086ae75-27f7b"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163707
expires: Fri, 05 Aug 2022 01:02:10 GMT

GET
H2 200 xt12.gif
tk.learning8808.com/images/ Frame 3E3C 732 KB
733 KB 49ms
28ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 968427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trvNzUEjcZJxBbONjU55VMEHo9Il7H2CdXvDP7HrLdzptDw1gr7JEMMMz9V%2BAlL440%2FjxhvTGE1D5zE%2Fj2tPBJgJL96NwOdRQfuHRn5XOgvhUOd0zAdzHi5YVK%2BMDGkENwmifqE40xVhCPrg72WFN2Qa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd4e918c-FRA
expires: Sun, 24 Jul 2022 20:01:45 GMT

GET
H2 200 xt10.gif
tk.learning8808.com/images/ Frame 3E3C 609 KB
610 KB 50ms
30ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4XtkuU7t8y3VKOkxJva7vMJ%2FMNpoGsoFRCN17GQK5EF75qw9OJGfTnZQZIAjFK%2BanEUiF6hVeJi1ainRWUnv%2FK2igW7eqKZMjyv2HXW5y8qmeaWfRMqWmC1UM5rJVIYyXeRCWeWBdq7BjMf7DykcXP2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd4a918c-FRA
expires: Tue, 26 Jul 2022 16:32:36 GMT

GET
H2 200 xt1.gif
tk.learning8808.com/images/ Frame 3E3C 433 KB
434 KB 37ms
16ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFQr9qOONgTSVhfwSR8I%2BhklHyFkSY%2Bm%2BNZEOByeCGsIoMLVE%2BvIdrueGrGabD%2Bia8%2FSFq%2FvuO2DLRCxPLKCk81cAvp4QKie%2BJf%2BVD99%2BV71jrMM4pfU6RxmbVr26KpS4nJfhsrzXclj3kWHkjLXf6Oo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd49918c-FRA
expires: Tue, 26 Jul 2022 15:40:17 GMT

GET
H2 200 xt2.gif
tk.learning8808.com/images/ Frame 3E3C 368 KB
369 KB 49ms
28ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfXYt2fNPZOVxrmsizYIF%2FP10V7d5cWWZVMR5DUpTvCXoHclEDrHw1NWrh9I43z8p6qP5ybsiQovxZNlx2p6xjQfID76%2Fs7qzDjsQhp5UOEpUMfzTGN4YZp2VP8cYc6iCEIMZdinsK17DhyrYKgfxqbD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd46918c-FRA
expires: Thu, 28 Jul 2022 15:44:52 GMT

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame 3E3C 189 KB
189 KB 332ms
330ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgjINArdDxEwY7oyPTBFS1%2B%2FNFk4TMue%2FETxjxgfhYL5oQT7ixYvTxcs85l4kYaEsncLcPwBHYUtxx5B7LiU2NHwvuk6QThTlo%2FebV%2BMdbfWE82D5x9t6WnAUpHOjsKhlaor8OsUN7Gng94MyZbjZOjH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46cc690c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame 3E3C 2 MB
2 MB 90ms
88ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hajfikc91EBTHHyX%2BxHal6N7sQ9%2F%2Fs1vSYez8tl0lbBFe9Bs5zh2MnrbH1BJWzhB09XcYGQXy4ro0umlYi2C96Hdci3V7DU2%2F848WxuH532yJG8Zegd88PSZyc1SyybcSAr%2F3DZKUsihGFB2JFGiuzHn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46cc790c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame 3E3C 2 MB
2 MB 875ms
873ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbOcEggaV2ffGQJPr3u%2B%2FghDRGg3nIgjEyY%2Fhy%2BXTVopC%2BK3v%2BrDX%2FbAkdaVjK4LcTSXz%2FjTSW7eLDfSJcearfwdYtCg2V%2FcB3PTkXzgrVflzEHEZu5iwIg3fyjfPL2xp0%2BqfaRIK4o7oWlLQi%2F2tJmI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46cc890c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame 3E3C 263 KB
264 KB 1089ms
1087ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqm33zcHIR3acvwi4MD1V36YxQrNc2mBLlb3FsjuwHQ3Saytl0kEvyxzhAbdUL2F2%2FvQSCs5pkHtqUlUQFcom%2BD11yQWWKEoRkqa0oI6hYiet2BTKyC0OEaacRCIUCc2ZKr%2BKlEtJULShw%2B19vYJE3si"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46cc990c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H/1.1 200
OK 8e1e9034b4a54c10bcdc828a830c011c.png
n0404.com/ Frame F2C2 39 KB
39 KB 902ms
383ms Image
image/png 104.208.85.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.208.85.134 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:05 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2971-9c77"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 80c8a3886e5e4885b9ceb421172edb63.png
n0404.com/ Frame F2C2 27 KB
27 KB 897ms
378ms Image
image/png 104.208.85.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.208.85.134 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:37 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc2991-6a00"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 370fe18fce95412383ca14e44a0d41f5.png
n0399.com/ Frame F2C2 50 KB
50 KB 814ms
451ms Image
image/png 20.210.89.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.210.89.45 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 10:29:58 GMT
Server: WAF/2.4-12.1
ETag: W/"62bc29a6-c7f8"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a66afb62ca745c3868530fdc02492b3.gif
bob4942.com/ Frame F2C2 189 KB
190 KB 3799ms
143ms Image
image/gif 45.61.212.223
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.223 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 08:43:53 GMT
Last-Modified: Wed, 29 Jun 2022 10:21:40 GMT
Server: nginx
ETag: "62bc27b4-2f5d2"
X-Cache: HIT from cloud-us3-cdnb-23
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 194002

GET
H/1.1 200
OK ad57239e363d4a2f96c2e91f27d2aefb.gif
bob5379.com/ Frame F2C2 118 KB
118 KB 2553ms
146ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 11:50:04 GMT
Last-Modified: Wed, 29 Jun 2022 10:22:11 GMT
Server: nginx
ETag: "62bc27d3-1d869"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 120937

GET
H/1.1 200
OK ffa0f10f31964f75a6d8ab82391c4868.gif
xox8889.com/ Frame F2C2 29 KB
29 KB 2703ms
146ms Image
image/gif 103.170.15.107
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.107 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 14:49:46 GMT
Last-Modified: Wed, 29 Jun 2022 14:31:29 GMT
Server: nginx
ETag: "62bc6241-748c"
X-Cache: HIT from yd11_13-cdn-g01-la2-37
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
H/1.1 200
OK b54fabb21dcf461696483c00e563d773.gif
xox8956.com/ Frame F2C2 13 KB
13 KB 1885ms
151ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 07:09:31 GMT
Last-Modified: Wed, 29 Jun 2022 07:09:12 GMT
Server: nginx
ETag: "62bbfa98-34d1"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13521

GET
H2 200 anim55648e4baa6ation-zb-3.gif
yyzbtg01.cc/img/ Frame F2C2 268 KB
268 KB 1793ms
680ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:11 GMT
last-modified: Fri, 01 Jul 2022 11:37:12 GMT
server: nginx
etag: "62bedc68-42fd9"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 274393
expires: Fri, 05 Aug 2022 01:02:11 GMT

GET
H2 200 200200.gif
taiwtp1.com/img/ Frame F2C2 73 KB
74 KB 1200ms
888ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/200200.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:16 GMT
last-modified: Wed, 09 Mar 2022 04:51:10 GMT
server: nginx
etag: "6228323e-125fb"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 75259
expires: Fri, 05 Aug 2022 01:01:16 GMT

GET
H2 200 zbcpa2.png
tk.learning8808.com/images/ Frame F2C2 158 KB
158 KB 40ms
29ms Image
image/png 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/zbcpa2.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161572
last-modified: Wed, 27 Apr 2022 12:03:23 GMT
server: cloudflare
etag: "6269310b-27724"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8cMjwDvn5JNiA%2Fmmg7udAnykzUKwTr8UWhM2jfI93xFjrElqW65jNGxM8wquv1jUM7Xn5n%2FJ1gMSRD2Vns9kQXlp6eii7JjW6KQZU%2FLwJmRC9yHtDAQz7J9tsR0stjiJPFE1Oy7jyeQO47feryBqiBY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd41918c-FRA
expires: Wed, 27 Jul 2022 21:11:06 GMT

GET
H/1.1 200
OK 200x200.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame F2C2 292 KB
292 KB 993ms
313ms Image
image/gif 47.75.19.85
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.85 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Wed, 06 Jul 2022 01:02:11 GMT
x-oss-request-id: 62C4DF13DD75B73831504CB2
Last-Modified: Tue, 21 Jun 2022 08:13:56 GMT
Server: AliyunOSS
Content-MD5: nDumakHJn/7gFAWoN2EMyg==
ETag: "9C3BA66A41C99FFEE01405A837610CCA"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8250722550151430017
Content-Length: 298536
x-oss-server-time: 2

GET
H2 200 %E7%88%B1%E6%B5%AA.gif
sdjigd56c.com/tu/ Frame F2C2 160 KB
160 KB 745ms
428ms Image
image/gif 162.209.201.60
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.201.60 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
last-modified: Mon, 26 Apr 2021 12:13:41 GMT
server: nginx
etag: "6086ae75-27f7b"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163707
expires: Fri, 05 Aug 2022 01:02:10 GMT

GET
H2 200 xt12.gif
tk.learning8808.com/images/ Frame F2C2 732 KB
733 KB 39ms
29ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt12.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 968427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 749706
last-modified: Wed, 27 Apr 2022 12:03:08 GMT
server: cloudflare
etag: "626930fc-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjyOOZ90Qcn4lzFgxLeoQ0UqxhQABxx5kPOqe%2FTJCkbOFHr9i0Du8WjLX3EqkOzbwMBO4LcUNFbTrKB6A3LHXWyQbC8pe5vgSpiM5i6CZE0SXLpr5PnlXCtYnXIWABplVQiTg7iDaAiDiccwSSUstm%2Fn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd4d918c-FRA
expires: Sun, 24 Jul 2022 20:01:45 GMT

GET
H2 200 xt10.gif
tk.learning8808.com/images/ Frame F2C2 609 KB
610 KB 40ms
30ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt10.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623748
last-modified: Wed, 27 Apr 2022 12:03:04 GMT
server: cloudflare
etag: "626930f8-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JLKHQHezb1bGuscIdhNSZ04lypBLzZy%2F8pIzYsdk1Kmim5b6K8AaOkoZblVBCsUoSrAub7ImSy0WtF52u0Eb19lDcl2hlxjPyx%2BmzO31bPjVp5FewibM9uICLpBSd3aoQVkttJlKuw%2FCJ7oQO6ZIUY7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd4c918c-FRA
expires: Tue, 26 Jul 2022 16:32:36 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame 3E3C 2 MB
2 MB 1102ms
1100ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2q1ylTBjtHl8o3KU%2Bu1Ivi9tUqnjuE9cUv3wCrk1GSn4YQ%2F%2Baw9ayiXHplKaBC278rKuJYNzcsA%2B16vGkpsp%2FZ9UC4uFqMuvVFE2uCA%2FOb9giYeanuXRLlGPskPJRUlvM2uqXSesMgc5hvcUmYTLKB7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46ccb90c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame 3E3C 322 KB
322 KB 1183ms
1181ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYymHErCFJesaSp13o7KD1clqwz3mcKFueIPH6smydRnEGE%2FDAhibJ2WQgIFsW10pKqI9bIeP7ifHiwXZGEuIo%2BwWLmWOCuTS0gsP7%2BvoJwKeqhlFnUHzu23WhljXeGZ8fHxbz782p7iEzNjtT4g8AXn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d46ccc90c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 video-play.png
klx42.zhgm8jglhk.com/template/m1938pc/images/ Frame 3E3C 2 KB
2 KB 16ms
15ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1085704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soL59Fo9SYP3zLQAkDQCMuhQfyzpr%2F1jRQ5lUq2O3Ce%2FZkiuvDAzQJsPFhqcQhF%2BVeSuWpT7Z6kTvdjRO1pODzQZLDCBX7B8tyQR5lRa8AeHfZ%2FJK4OPJJqTUftV3XwnOfcBf6opTzA6XSAshtcPR0SPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d38f609143-FRA
expires: Sat, 23 Jul 2022 11:27:06 GMT

GET
H3 200 video-play.png
klx42.zhgm8jglhk.com/template/m1938pc/images/ Frame F2C2 2 KB
2 KB 18ms
18ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://klx42.zhgm8jglhk.com/template/m1938pc/images/video-play.png
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1085704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1567
last-modified: Sun, 19 Dec 2021 02:38:52 GMT
server: cloudflare
etag: "61be9b3c-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUjBAzXvpSA8smpLSYtbuyrLLookerV8DkQIAMjTGVvK0udG71cqEvfVmYxRjM5acakofmeuo%2BVWSKfJsTZzSMIAta7MDQiFEOVuAm4Wz2cRphN8X3t54SZgY9YtuNem%2FDg6IiP%2BYvs0qbwflHfWS0xyuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3cf959143-FRA
expires: Sat, 23 Jul 2022 11:27:06 GMT

GET
H2 200 xt1.gif
tk.learning8808.com/images/ Frame F2C2 433 KB
434 KB 31ms
28ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt1.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 443705
last-modified: Wed, 27 Apr 2022 12:03:03 GMT
server: cloudflare
etag: "626930f7-6c539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRVNHQXUInuYFe2Tc7QxiKq9Bt3MOXokga4cxcSl3PFCUBSezIXKIDe5qicgJmfHBFjzUmQ9JdT5lRY7Mn%2Fwj0wBv4ZGgoCpgs3DTzNOQxxjB20itqgbcEdHELmBqd2X775rgnp8ceS9lYGD04uwNeX9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd50918c-FRA
expires: Tue, 26 Jul 2022 15:40:17 GMT

GET
H2 200 xt2.gif
tk.learning8808.com/images/ Frame F2C2 368 KB
369 KB 30ms
27ms Image
image/gif 2606:4700:3030::ac43:b6cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt2.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b6cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376694
last-modified: Wed, 27 Apr 2022 12:03:09 GMT
server: cloudflare
etag: "626930fd-5bf76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k73IFVsUZgaTEuawNwNiExH9raKhJUlnctfl5BwQ3jOoSCo0Ome33UBJNhbJoGDYcZeM3p8XyQBAiu%2FmoOZ7eA0q9cy1UQ0M9XrtCygTgMX5aKh%2B4AspwR5rB1yvAEnsYUD753KuaeLHnAxrjXB6WcLK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d3dd51918c-FRA
expires: Thu, 28 Jul 2022 15:44:52 GMT

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame 3E3C 118 KB
118 KB 904ms
450ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame 3E3C 280 KB
278 KB 817ms
451ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame 3E3C 205 KB
205 KB 1421ms
453ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame 3E3C 625 KB
626 KB 2407ms
143ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame 3E3C 414 KB
414 KB 1142ms
142ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame 3E3C 351 KB
351 KB 847ms
151ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame 3E3C 247 KB
248 KB 988ms
143ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame 3E3C 175 KB
176 KB 639ms
638ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:12 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:12 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame 3E3C 219 KB
219 KB 676ms
675ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:17 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:17 GMT

GET
H/1.1 200 go1
ia.51.la/ Frame 3E3C 0
214 B 934ms
264ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1657069330536&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1657069330536&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx42.zhgm8jglhk.com%252F&pu=http%253A%252F%252Fwww.sagitco.com%252F
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:13 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 3E3C 30 KB
11 KB 503ms
410ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

1a5cef0d063ea680fb47677ca40b22de22a53218be0c0be93c1ea70f57252585

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:12 GMT
Content-Encoding: gzip
Server: apache
Etag: 4c2f5deb010a6cfc943a64c5472aeafb
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11334

GET
H3 200 xt3.gif
tk.learning8808.com/images/ Frame F2C2 189 KB
189 KB 51ms
18ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt3.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193237
last-modified: Wed, 27 Apr 2022 12:03:11 GMT
server: cloudflare
etag: "626930ff-2f2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qccmzmgHbDVnnm0ALiKxEq18V7B1rrYMBFMP8OidJEc2npcDhI8zuJeo0SRogshAIl6iFs22whdpN1QaSaXpaSn2PXt3vpAMeskeGL%2BwGkJcuKLcl41cJPCM48rDNZGRDkOrih3tFKT%2BURln1toprwOs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb390c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt5.gif
tk.learning8808.com/images/ Frame F2C2 2 MB
2 MB 67ms
35ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt5.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/252.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1693315
last-modified: Wed, 27 Apr 2022 12:03:15 GMT
server: cloudflare
etag: "62693103-19d683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJVrx7Z%2BIO6UjLlDNCMmPGVtmRy8DdFYbAeGV80OwasGB7LVyfn03rzOyHIr1N71rA%2F5%2BK%2Fp2JAewmCszwpLA3jbvsewpJYQqYCeHcbpzHpwFv97EVIWqCUUgwsVqbu6THvOv80%2FRjlzQay0KW3DrC8i"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb590c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt6.gif
tk.learning8808.com/images/ Frame F2C2 2 MB
2 MB 441ms
410ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt6.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2168710
last-modified: Wed, 27 Apr 2022 12:03:17 GMT
server: cloudflare
etag: "62693105-211786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HrHFjY7Y2JtGSYPFk%2BlrUozk1l%2Fhlf8wLkLxdzUvjUmkdeEJGpDC6jz3KYgb1o2r0d2Vx6zVobmPvgV%2B1oi76JK82JIIZqIjb7CY9aCbVFx%2F4XeGUxJBFUQxxsW8ra2OHpUiDh3dpyha2H3smIyKjdj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb690c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt7.gif
tk.learning8808.com/images/ Frame F2C2 263 KB
264 KB 136ms
105ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt7.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/253.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269177
last-modified: Wed, 27 Apr 2022 12:03:19 GMT
server: cloudflare
etag: "62693107-41b79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SK4NLRdMxRKjvi3fJ6%2FvVZEkMlsqBXIB8dIpafszM%2BlDLcAg3IXkngHJ%2F7wfOlwJVkwQ%2FS5uli%2FiljGNB%2BHfhayfjKRLey0fiFW%2FbA1n32OYVHxNbo21Rrd1CfAMx%2FRWU2yZbnj5hroeKQoZTX%2BuZ1U"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb790c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt11.gif
tk.learning8808.com/images/ Frame F2C2 2 MB
2 MB 920ms
897ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt11.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1639812
last-modified: Wed, 27 Apr 2022 12:03:06 GMT
server: cloudflare
etag: "626930fa-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9fMV5ssR%2F%2BiqgYhh4NlNYI9gT1BPrnXKxZBR%2B3PJtQjuVGwmej%2FMfzB6qaIVptERAr09gwy%2FI%2FHT0YSdW3s67%2FDJeeBFrQDMh4jdXT5QKHFMJPjDyU2diMPHr0knWQQhzUv%2BuMlwPIpngbiZxmwbhYN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb190c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H3 200 xt9.gif
tk.learning8808.com/images/ Frame F2C2 322 KB
322 KB 825ms
802ms Image
image/gif 2606:4700:3030::6815:12ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk.learning8808.com/images/xt9.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/254.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:12ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 811316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329331
last-modified: Wed, 27 Apr 2022 12:03:21 GMT
server: cloudflare
etag: "62693109-50673"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUlC6c%2B%2F0FV0GOZBRIEl9HqpyojkgE1tqNSz%2Fz%2BrGNu3c30OWXD%2FfgWB9am8%2FlKza4RSMQUiesBnar7SGhwdpEbQLajmpADCE8pItPd4dlgB8%2BofbvEaAz5ufXbiO6Cu7crIRhWDs8kxj%2BLdvyGjgpJ5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 726469d43cb290c1-FRA
expires: Tue, 26 Jul 2022 15:40:16 GMT

GET
H/1.1 200
OK 69a6af0d27404845b306654000e57a81.gif
n0355.com/ Frame F2C2 118 KB
118 KB 910ms
451ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/69a6af0d27404845b306654000e57a81.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:33 GMT
Server: WAF/2.4-12.1
ETag: W/"62937de9-1d6f6"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b0fe210a8cec4dc898ee32a88f3ed602.gif
n0477.com/ Frame F2C2 280 KB
278 KB 849ms
452ms Image
image/gif 20.222.126.63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0477.com/b0fe210a8cec4dc898ee32a88f3ed602.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.126.63 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 09:29:26 GMT
Server: WAF/2.4-12.1
ETag: W/"62a1bd76-45f67"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2a97558cb3ea4b6e8e016d5f897eb40b.gif
32653562.com/ Frame F2C2 205 KB
205 KB 1408ms
462ms Image
image/gif 52.140.195.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://32653562.com/2a97558cb3ea4b6e8e016d5f897eb40b.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.140.195.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 14:06:12 GMT
Server: WAF/2.4-12.1
ETag: W/"62937dd4-333cb"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b9b8a77e343b4eb5bf13a6592941b9f4.gif
xox8995.com/ Frame F2C2 625 KB
626 KB 2271ms
143ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/b9b8a77e343b4eb5bf13a6592941b9f4.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Thu, 23 Jun 2022 12:09:54 GMT
Server: nginx
ETag: "62b45812-9c526"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 640294

GET
H/1.1 200
OK 1213de108655403cab1dc3254bda4411.gif
bob4915.com/ Frame F2C2 414 KB
414 KB 1281ms
146ms Image
image/gif 45.61.212.54
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob4915.com/1213de108655403cab1dc3254bda4411.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.54 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:21:55 GMT
Last-Modified: Fri, 10 Jun 2022 15:35:32 GMT
Server: nginx
ETag: "62a364c4-6783d"
X-Cache: HIT from cloud-us1-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 423997

GET
H/1.1 200
OK 8b9a23d1c8af49788664b4308135ce77.gif
jcyunk2.com/ Frame F2C2 351 KB
351 KB 778ms
158ms Image
image/gif 103.170.15.92
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jcyunk2.com/8b9a23d1c8af49788664b4308135ce77.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.92 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 18:06:09 GMT
Last-Modified: Sun, 22 May 2022 10:05:27 GMT
Server: nginx
ETag: "628a0ae7-57a3a"
X-Cache: HIT from yd11_13-cdn-g01-la2-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 358970

GET
H/1.1 200
OK 5cced2fb2a50453f9c59792a64a874ca.gif
xox8995.com/ Frame F2C2 247 KB
248 KB 1045ms
143ms Image
image/gif 45.61.212.119
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xox8995.com/5cced2fb2a50453f9c59792a64a874ca.gif
Requested by: Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.119 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 19:14:34 GMT
Last-Modified: Wed, 15 Jun 2022 08:57:19 GMT
Server: nginx
ETag: "62a99eef-3ddee"
X-Cache: HIT from cloud-us2-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 253422

GET
H2 200 anim55648e4baa6ation.gif
yyzbtg01.cc/img/ Frame F2C2 175 KB
176 KB 674ms
670ms Image
image/gif 118.107.46.234
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yyzbtg01.cc/img/anim55648e4baa6ation.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.107.46.234 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:02:12 GMT
last-modified: Fri, 27 May 2022 07:35:56 GMT
server: nginx
etag: "62907f5c-2bdfc"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 179708
expires: Fri, 05 Aug 2022 01:02:12 GMT

GET
H2 200 960240.gif
taiwtp1.com/img/ Frame F2C2 219 KB
219 KB 734ms
730ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/img/960240.gif

Requested by

Host: lb.learning8809.com
URL: https://lb.learning8809.com/yPS7hqfHgkFauS2djb/xx3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:01:17 GMT
last-modified: Wed, 09 Mar 2022 04:06:14 GMT
server: nginx
etag: "622827b6-36a87"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 223879
expires: Fri, 05 Aug 2022 01:01:17 GMT

GET
H/1.1 200 go1
ia.51.la/ Frame F2C2 0
215 B 1069ms
326ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21278765&rt=1657069330572&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9&ing=1&ekc=&sid=1657069330572&tt=lubiav.com-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591&kw=10000%25E6%258B%258D%25E6%258B%258D18%25E5%258B%25BF%25E5%2585%25A5%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591-%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%2585%258D%25E8%25B4%25B9-av%25E5%25A4%25A9%25E5%25A0%2582%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E5%25B0%258F%25E6%25AC%25A1%25E9%2583%258E-%25E7%25B2%25BE%25E5%2593%2581%25E5%259B%25BD%25E4%25BA%25A7%25E9%25A6%2599%25E8%2595%2589%25E4%25BC%258A%25E6%2580%259D%25E4%25BA%25BA%25E5%259C%25A8%25E7%25BA%25BF&cu=https%253A%252F%252Fklx42.zhgm8jglhk.com%252F&pu=http%253A%252F%252Fwww.sagitco.com%252F
Requested by: Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:13 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame F2C2 30 KB
11 KB 413ms
412ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

1a5cef0d063ea680fb47677ca40b22de22a53218be0c0be93c1ea70f57252585

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:12 GMT
Content-Encoding: gzip
Server: apache
Etag: 4c2f5deb010a6cfc943a64c5472aeafb
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11334

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 414ms
413ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=376280194&si=10e44e3c6edee82d823051e24349004b&v=1.2.95&lv=1&sn=16857&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.sagitco.com%2F&tt=%E4%B8%89%E4%BA%9A%E7%BC%86%E9%AD%84%E5%8C%BB%E7%96%97%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.sagitco.com
URL: http://www.sagitco.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 01:02:12 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1447ms
167ms Image
text/plain 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.sagitco.com/
Requested by: Host: www.sagitco.com
URL: http://www.sagitco.com/
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.sagitco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 01:02:13 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 3E3C 43 B
299 B 408ms
407ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1856623871&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.sagitco.com%2F&v=1.2.95&lv=1&sn=16858&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fklx42.zhgm8jglhk.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 01:02:13 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame F2C2 43 B
299 B 409ms
408ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?1138ebd140b7eb3f7d7147d4a8915456

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 01:02:13 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame F2C2 43 B
299 B 402ms
401ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1657069333&rnd=944377208&si=1138ebd140b7eb3f7d7147d4a8915456&su=http%3A%2F%2Fwww.sagitco.com%2F&v=1.2.95&lv=2&sn=16858&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fklx42.zhgm8jglhk.com%2F&tt=lubiav.com-%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: klx42.zhgm8jglhk.com
URL: https://klx42.zhgm8jglhk.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klx42.zhgm8jglhk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 01:02:13 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21279169.js

Domain: fw.lbbf9.com
URL: https://fw.lbbf9.com//20200417/m0uMGVom/1.jpg

Domain: fw.lbbf9.com
URL: https://fw.lbbf9.com//20200417/m0uMGVom/1.jpg

Domain: n0404.com
URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png

Domain: n0404.com
URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png

Domain: n0399.com
URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png

Domain: bob4942.com
URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif

Domain: bob5379.com
URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif

Domain: xox8889.com
URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif

Domain: xox8956.com
URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif

Domain: yyzbtg01.cc
URL: https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Domain: taiwtp1.com
URL: https://taiwtp1.com/img/200200.gif

Domain: tk.learning8808.com
URL: https://tk.learning8808.com/images/zbcpa2.png

Domain: 701.oss-cn-hongkong.aliyuncs.com
URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif

Domain: sdjigd56c.com
URL: https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Domain: n0404.com
URL: https://n0404.com/8e1e9034b4a54c10bcdc828a830c011c.png

Domain: n0404.com
URL: https://n0404.com/80c8a3886e5e4885b9ceb421172edb63.png

Domain: n0399.com
URL: https://n0399.com/370fe18fce95412383ca14e44a0d41f5.png

Domain: bob4942.com
URL: https://bob4942.com/2a66afb62ca745c3868530fdc02492b3.gif

Domain: bob5379.com
URL: https://bob5379.com/ad57239e363d4a2f96c2e91f27d2aefb.gif

Domain: xox8889.com
URL: https://xox8889.com/ffa0f10f31964f75a6d8ab82391c4868.gif

Domain: xox8956.com
URL: https://xox8956.com/b54fabb21dcf461696483c00e563d773.gif

Domain: yyzbtg01.cc
URL: https://yyzbtg01.cc/img/anim55648e4baa6ation-zb-3.gif

Domain: taiwtp1.com
URL: https://taiwtp1.com/img/200200.gif

Domain: tk.learning8808.com
URL: https://tk.learning8808.com/images/zbcpa2.png

Domain: 701.oss-cn-hongkong.aliyuncs.com
URL: https://701.oss-cn-hongkong.aliyuncs.com/gg/200x200.gif

Domain: sdjigd56c.com
URL: https://sdjigd56c.com/tu/%E7%88%B1%E6%B5%AA.gif

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sagitco.com/	1970-01-20 04:17:49	Name: Cookies_KL Value: 1
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: F9D30C7150993BAF
.www.sagitco.com/	1970-01-20 13:03:25	Name: Hm_lvt_10e44e3c6edee82d823051e24349004b Value: 1657069332
.www.sagitco.com/	1969-12-31 23:59:59	Name: Hm_lpvt_10e44e3c6edee82d823051e24349004b Value: 1657069332

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.sagitco.com/tj.js(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21279169.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.sagitco.com/tj.js(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21279169.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://klx42.zhgm8jglhk.com/ Message: Mixed Content: The page at 'https://klx42.zhgm8jglhk.com/' was loaded over HTTPS, but requested an insecure element 'http://fw.lbbf9.com//20200417/m0uMGVom/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx42.zhgm8jglhk.com/ Message: Mixed Content: The page at 'https://klx42.zhgm8jglhk.com/' was loaded over HTTPS, but requested an insecure element 'http://fw.lbbf9.com//20200417/m0uMGVom/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://fw.lbbf9.com//20200417/m0uMGVom/1.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://fw.lbbf9.com//20200417/m0uMGVom/1.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
security	warning	URL: https://klx42.zhgm8jglhk.com/(Line 292) Message: Mixed Content: The page at 'https://klx42.zhgm8jglhk.com/' was loaded over HTTPS, but requested an insecure element 'http://fw.lbbf9.com//20200417/m0uMGVom/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://klx42.zhgm8jglhk.com/(Line 292) Message: Mixed Content: The page at 'https://klx42.zhgm8jglhk.com/' was loaded over HTTPS, but requested an insecure element 'http://fw.lbbf9.com//20200417/m0uMGVom/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32653562.com
701.oss-cn-hongkong.aliyuncs.com
api.share.baidu.com
bob4915.com
bob4942.com
bob5379.com
fw.lbbf9.com
hm.baidu.com
ia.51.la
jcyunk2.com
js.users.51.la
klx42.zhgm8jglhk.com
lb.learning8809.com
n0355.com
n0399.com
n0404.com
n0477.com
push.zhanzhang.baidu.com
sagitco.com
sb.learning8808.com
sdjigd56c.com
taiwtp1.com
tk.learning8808.com
www.gg123456789gg.com
www.sagitco.com
xox8889.com
xox8956.com
xox8995.com
yyzbtg01.cc
701.oss-cn-hongkong.aliyuncs.com
bob4942.com
bob5379.com
fw.lbbf9.com
js.users.51.la
n0399.com
n0404.com
sdjigd56c.com
taiwtp1.com
tk.learning8808.com
xox8889.com
xox8956.com
yyzbtg01.cc
103.170.15.107
103.170.15.92
103.235.46.191
104.208.85.134
112.90.153.42
118.107.46.234
136.0.141.3
136.0.141.5
162.209.201.60
180.101.212.103
182.61.201.93
183.131.207.66
20.210.89.45
20.222.126.63
220.128.218.220
2606:4700:3030::6815:12ae
2606:4700:3030::ac43:b6cf
2a06:98c1:3120::3
38.63.1.109
45.61.212.119
45.61.212.223
45.61.212.54
47.75.19.85
52.140.195.15
0056cc36dee5a76974a4e416a313ff5f09d6268171faafc939496438e4161e89
02ffc05b43e07d8552bbfda7a37a41f98c09756bf98a1a179df2192ef0b2a71b
07b32fc9b4985f3e7a35071bddad0ac6fef555f105476df6733c188383d76f9c
0810bd77e5c0bcf107ff7db6b55a3b9f9aabbf5282bbf61343ba4ee6e040bb65
09424bf279c942aa70ce86abbb4ec994a50d62e001f9f69d5737fd8508e7e823
0aca9b4439594523a9bb6d8dfe97718c4e91379d44b9c2478ebff76ce705e063
0bb4ec00d22758bd6f9960202619821782a2c88ebd0997582582b00f015642fb
0c0afb20158289f63a2b8a9d57502a932cbaabb4b255babeacac3bf0a6534d80
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
13a5267da129d89878d38e19fb2f6c16fc159f0ff113315e08ff2d953d4c2ce7
1497a3f9f862fee68b149f8dccb052c01a3f84595bd3ddb8abc875da2c6846ac
19f9436703c1b5b718781093004ea368249bf0a0074d2b6516adc5765131a408
1a10767e7f0217734697d6d907d95936dc5be955ba28cd7e311deda7573ff5e1
1a5cef0d063ea680fb47677ca40b22de22a53218be0c0be93c1ea70f57252585
1b9a65581d315f2a00351beb076371cd1bcc04e2e70027ffd71c9eb9af760fb2
1bc7aa17c05e4f11524f726f795fc67af7829eac385742ddab7a1130e519c18b
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
269a642190139efcc044a53f3194f196e79d8e981d3e8cf0184ce4e8eb134020
27768dd2b31fd1d64f33d6625a7584bdfcc90dbeaf8457e26856d4eb00fb3619
2822c5810e10ca718db95e5373226c23a6e781dabc9e4b59ff86656fa9e8f499
2c374dee3ba8c9eff4cf02fca22a47dd138988b6059fb7ca712f6425df515275
2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
2e39bff3d6e2d90366b74930724bf65adf90875fdf1d2672ab2412a68084ffe4
323166a54c5cbc8fe5628ca0ac050c55cad3cd054fcdebe7a4ba95982817d2f2
35742e874e60b23deec883cd5179e7c350f334fde1f07e5f9f2c1a1a7f2f18f6
385ace7701f1372da6741105a4657a1c7987ce3a5a699f472dc86b5dcc0dcd03
3b9fe18cd6b61db8204b6200d359f5aaaba482641a9e0e787cbe8e04c59f585a
4213ff4a5fe5cdf48179cc698ba23d974c451ebd7dd93448b49930c281ebfbd9
4638e1b3d37bcc0f7541ffd91879dc9f6bd069cdd76675562b6038a020925af9
49b843e9a2a2c23c997b523779f038d188d816dc8d7e454e6bb1f94c68d96fa2
4ed98c7de211fde8b21e4d6b7cc0990c5f9690b348674fae73593aa6ef6cd8ab
51e946229fa30a4e380fece0b73688f5c0dc91dfb0e70ccdd1ee7718c6d24564
5565f81db170d81799ef3af49c3de085a90ea310c3854387330f78dc25585f81
579cc45d45fdef6b59083c501cbe457ac315c57b2e6343ad67555c27ec3e5ba3
58cbcba238140b4366da7b34c8fa11a5547c2f6ffa8a07c1106186bd119034df
59c730a313db642dd842aad1586e7d3a29dabe14be7404a1cd0a0d25138e669c
5a1dc1d9b38028fd41625f1149571dc6b0fdce8b709df26d611a711c62929dad
6223ea653b3ccdc2d5f9567a16a7225332905919ea00edde3fecc09aa0ba5461
63beba70a969d813ac36a9065098f77e3dca1d485e96b1dce04c069a60421c16
66a46af46c14ee8db8b069c7f5dc6e3854f860bf3a29e40ce2f2d394d9a499c8
66b5a20eaf9b570ac60d43b4709317d58f6017578462585d7e3ef45c238f0fea
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
68ba4c4b15565431cb3eb04e98b176db6634fd9b9f881689f9c07ee5ea1dae65
6b2abb7a7f617b00663793c14e0ab02ada1d9bbbd33eece9f00502c3b79763ff
6ce2e990e0e3d34b9c049d12bdd691163c668d93a1fcfc52c91336a227b3dc94
6ec5344f5c44a6167edff3fa3b8108ad2903537afce117449e56913393f3d645
6feced2f487ed34a4b6d7141169de06637f15aed4c52aaf7872458040ae70c6e
70b570eb494e3019c66ce23436eb6db207eb6119c812e6d7df319fe602bb8566
70ffd71215ec938af9e1002b6bc6384bee7b19258ff5363f783fd516c6a1e3b6
77720b3e2e0cbd28e49c289c4a135efb52d1a938d47f3a3e65ae7634d54492b5
78b2b06ff170a2f683a8b26b743a387b4d807e5bd9fd056b1f214f91446d300a
7932bde6be3efbf6b896b7bc23eb9edce826f29758fa58678d1bf779415c5215
7b4fb840d83d5735a8ce746a307a80020a46b21e300c2f0fd7a44645f2c09cb1
7cc273eaaec28a73c3d3adc6a8a0e8b92ea623cb0fa1eb9027a3dbc7a25a86be
7dac5e0a6b8487b5bcdab06810beb4ce6f7c418d17456b5a466d5572e5772eff
8256dda7c0e10aa129d11f5293b881a3ae33fdfd2efa3587dfe7e1411b8dd2c0
860b3b34607079cc4092b537b77998403d7eda0e0ca004c5977d569bcc519443
8742cbc5071fd4166eb2a6a7bb6f0862aec57ef87d2fb0e4c0de668f79ad219d
87d507ded968cf229b266f383bd32b19c73a3d4636e88f177e8188e66a68a6b8
8823c51a5f4da046c2b4d0806ad0ba8ac9cd627690d96c2e846e1f27cac4db34
8a6920701b78e0d28ab0d1bc646ccb7a82f93eaf66399a435b55788356d594eb
8ea78aee5e582e98a1f4650a6f9228a2177728a2b03489a97e20697711f5d2e4
934327e898ed908ca9cd5449ce2c14255c449b7b7d0581f86e664d0dc70433ef
95add14ccb4e022cf7194a6b5da42ab3e38bf171796f45a6d68733c6465dece9
992a6796af71f08f10c38805a69e234a96f45cae6071a6aaf1e792ee3f357716
99d585f6806983ff7bb2661d2faf828373656603eb9188d0ced326515b9b4d08
9e8d4dd0943c25974a96510cfb34e333351b9939d9431c4482e27bc204ef09bf
9fed0f858a427119e98307e60d40ab365046664c0073a62ba5f1b922d69eb346
a7f5fafaee61f31774e0b7709f92bdcc45237f937e6690f903d431b1ff9ab064
a9189a3a524e8d0369e25ee5fe11e37f9730f4bf1860f33d082959ebece8a9aa
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
a9ff173d33aa8c7937d7b1285c32e765926a8cdba28838d1b370e0d16846ef2d
ad7cdc4e6afc36ac4ad930e804984b16c80584e67e665992bd6a74e5cfb0d957
b016d08b5926768cbb1dd91adc16a0f0302bd1d3b1fcbfbe4dd30f66cfe0a9eb
b07be4b9709fcca75742f35d2769d08878c6a0e7abf2cde2a6e65d029f754423
b1b94bcc3d698ccd417845c7c02ee591f61f325048ed0b6658a0fe3bacfbf045
b26d4de107c13bfceff216d745f7fa588dfe81e1908d392934e69ac5d4b1f15b
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b4824a36f16498eb62aff9bab3a8544714401c86ddcf72a4c6ecccde0355633a
bb39c24977f35aca4f84a9acb48f90c2fca6f5469902454f70252641c4b3056f
bd96321466d68dddabbc45cf7d72821ab7801de184f638a382b6a6681fba949d
c01d665a1abb0e10e3ac90119e3674db0363a112da7f8322c12bbafbe0bd88dc
c10afccbf2eb99bc0f8f0b121ceaa6393f99ee707ec81d7b00d7ff7cb499c0c1
c4431d5b9fbcd58aa8035364941bcb59c0ce4c601f4dee03110d2c907051ba5e
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
cb7981feb9e63291bbf5d44ecfa021908b513189d4e38a1710dbac83209175f8
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0236a0095bbc27b2afcaac11165de2da041fb9f07ea773cbd1e78ec55eb97d1
d26298e53439e37511c0fb08df9a0924244d8f75ea898de79d9ae215d38898f5
d41138a2f786edf66c084dc7465925fe47e70690d04c7264eeea9af1f34714e5
d653222e02b0dfb70d11368109bcb69e8d2a1ec0c0d7831d947375b772df96c7
d9cc8d94dacb652181d48272239677cd8ceb3808dbd11c1f8b9360de504fa5cd
daa0108b940ac24602a833d71c9da1355b62fa0a4266432bdb316b2649851733
dac04d049696b8e58a9d9ccc2c2e90f480ad925f796df8ddb5a87f10250bc39e
dc31830acac16cfe638e8304441ddf913c9650833babb08249d3500b6609fe1d
e3a43def176bfbf1b908ba64094cbbb737c4fc3190ac21f8cc831ce01e270bff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7388077486f760cc4b1ac6a8d84e7ba716cc74ffccd8b58bdce081a11994348
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
eefdec112dbde7aae86afa8def477e7cb6c12afbe0fda0776b671c2fcd9f6d85
efec6af41c7d62477fea38dc132ca4966926592aeddd95cd78708f62e6f940ee
f21b17add2b5dc734217cfa6c6c2a2d277e17ca9f939cc0af2cadef672cbc68f
f33f7dd576d4074af0a303991ac4eba81aef8baf33afa563c09592afda187af1
f43e757bcb1dfcc9dd7e3385322a1459d33d102964538feec44cebe288d878ee
f6e4778de943e27dc198c39f45c6e896803077f99c6f2e3a55e61177d8a3ed05
f8f90ef68b126f23c4be949a416d29675d7323090f2527e31659adffc4256071
fb51712a1fc7b56a44972da5b4dabf950d9bdeee00f4f8b3d3be00939928907b
fecc5094c2866c46cb33d93d81130c566c9b9be2a93ac45d9f5dd411f7ca0cd7

www.sagitco.com Open in urlscan Pro 38.63.1.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

88 %HTTPS

13 %IPv6

24 Domains

29 Subdomains

25 IPs

6 Countries

36811 kBTransfer

37212 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sagitco.com Open in urlscan Pro
38.63.1.109 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

88 %
HTTPS

13 %
IPv6

24
Domains

29
Subdomains

25
IPs

6
Countries

36811 kB
Transfer

37212 kB
Size

4
Cookies

281 HTTP transactions
0 data transactions