www.telegramtoto.com Open in urlscan Pro
154.92.239.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://telegramtoto.com/
Effective URL:
http://www.telegramtoto.com/
Submission: On October 26 via api (October 26th 2023, 9:31:49 pm UTC) from SG — Scanned from SG

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 137 HTTP transactions. The main IP is 154.92.239.252, located in Hong Kong and belongs to OWS, US. The main domain is www.telegramtoto.com.

This is the only time www.telegramtoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23 62	154.92.239.252 154.92.239.252	984 (OWS) (OWS)
1	74.125.68.95 74.125.68.95	15169 (GOOGLE) (GOOGLE)
1	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
1	23.72.45.28 23.72.45.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	154.92.239.226 154.92.239.226	984 (OWS) (OWS)
22	192.0.66.210 192.0.66.210	2635 (AUTOMATTIC) (AUTOMATTIC)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 51	45.156.221.3 45.156.221.3	61368 (DAFEIYUN_AS) (DAFEIYUN_AS)
5	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	3.160.188.96 3.160.188.96	16509 (AMAZON-02) (AMAZON-02)
2	122.225.212.183 122.225.212.183	58461 (CT-HANGZH...) (CT-HANGZHOU-IDC No.288)
2	74.125.68.97 74.125.68.97	15169 (GOOGLE) (GOOGLE)
1	54.192.111.122 54.192.111.122	16509 (AMAZON-02) (AMAZON-02)
1	223.109.148.174 223.109.148.174	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	18.161.97.18 18.161.97.18	16509 (AMAZON-02) (AMAZON-02)
2	54.192.111.68 54.192.111.68	() ()
137	18

62 154.92.239.252 (Hong Kong) 23 redirects

ASN984 (OWS, US)

telegramtoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.telegramtoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.45.28 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-28.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.92.239.226 (Hong Kong)

ASN984 (OWS, US)

154.92.239.226	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 192.0.66.210 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

kffhealthnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 45.156.221.3 (United States) 1 redirects

ASN61368 (DAFEIYUN_AS, GB)
PTR: gpswing.com

xn--becrfy2b5bzfbd.xn--gecrj9c	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www-4935.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

embeds.kff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.188.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-96.mrs52.r.cloudfront.net

embed.acast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 122.225.212.183 (China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)

v1.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.111.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-111-122.mrs52.r.cloudfront.net

cdn.acast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 223.109.148.174 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

z6.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.161.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-18.mrs52.r.cloudfront.net

feeder.acast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.111.68 (None, )

ASN- ()

thumborcdn.acast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	telegramtoto.com 23 redirects telegramtoto.com www.telegramtoto.com	588 KB
50	1 redirects function sub() { [native code] }.	986 KB
22	kffhealthnews.org kffhealthnews.org — Cisco Umbrella Rank: 504184	689 KB
8	acast.com embed.acast.com — Cisco Umbrella Rank: 126232 cdn.acast.com — Cisco Umbrella Rank: 133076 feeder.acast.com — Cisco Umbrella Rank: 135018 thumborcdn.acast.com	236 KB
5	gstatic.com fonts.gstatic.com	106 KB
3	cnzz.com v1.cnzz.com — Cisco Umbrella Rank: 94630 z6.cnzz.com — Cisco Umbrella Rank: 163823 c.cnzz.com — Cisco Umbrella Rank: 64334	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	137 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7955	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com — Cisco Umbrella Rank: 720	10 KB
1	www-4935.com www-4935.com	829 B
1	kff.org embeds.kff.org	882 B
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 5410	1016 B
137	12

	Domain	Requested by
61	www.telegramtoto.com	22 redirects www.telegramtoto.com
50	xn--becrfy2b5bzfbd.xn--gecrj9c	1 redirects www.telegramtoto.com xn--becrfy2b5bzfbd.xn--gecrj9c
22	kffhealthnews.org	www.telegramtoto.com
5	fonts.gstatic.com	fonts.googleapis.com
3	embed.acast.com	embeds.kff.org embed.acast.com
2	thumborcdn.acast.com	www.telegramtoto.com embed.acast.com
2	feeder.acast.com	embed.acast.com
2	www.googletagmanager.com	xn--becrfy2b5bzfbd.xn--gecrj9c embed.acast.com
2	hm.baidu.com	154.92.239.226 www.telegramtoto.com
1	c.cnzz.com	v1.cnzz.com
1	z6.cnzz.com	v1.cnzz.com
1	www-4935.com	xn--becrfy2b5bzfbd.xn--gecrj9c
1	cdn.acast.com	embed.acast.com
1	v1.cnzz.com	xn--becrfy2b5bzfbd.xn--gecrj9c
1	embeds.kff.org	www.telegramtoto.com
1	players.brightcove.net	www.telegramtoto.com
1	ajax.googleapis.com	www.telegramtoto.com
1	fonts.googleapis.com	www.telegramtoto.com
1	telegramtoto.com	1 redirects
0	add_favorite Failed	xn--becrfy2b5bzfbd.xn--gecrj9c
137	20

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-05-30`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.xn--becrfy2b5bzfbd.xn--gecrj9c Sectigo RSA Domain Validation Secure Server CA	`2023-08-04` - `2024-08-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
embeds.kff.org R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
prod.audience-growth.acast.cloud Amazon RSA 2048 M02	`2023-03-29` - `2024-04-26`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-01-28` - `2024-02-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.acast.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
www-4935.com R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.prod.ateam.acast.cloud Amazon RSA 2048 M01	`2023-03-26` - `2024-04-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://www.telegramtoto.com/
Frame ID: 36F0386C4C0D2FE32F417258D06E6271
Requests: 72 HTTP requests in this frame

Frame: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo
Frame ID: 925AF9656DE4C59D03E28B79408C1CFD
Requests: 9 HTTP requests in this frame

Frame: https://embeds.kff.org/protected-iframe/8eccff3d8ab2c86edcd7f06a052458cd
Frame ID: A3D4BFD630E87B86F84057BE37AEB171
Requests: 1 HTTP requests in this frame

Frame: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
Frame ID: 10E03C9ED0EB388A808E984100B4742C
Requests: 9 HTTP requests in this frame

Frame: ext://add_favorite
Frame ID: A819F980E99BB43133DDE448BCF913BF
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澳门六合开奖结果-澳门六合彩走势图-澳门六合彩开奖结果走势图澳门六合开奖结果-澳门六合彩走势图-澳门六合彩开奖结果走势图

Page URL History Show full URLs

http://telegramtoto.com/ HTTP 301
http://www.telegramtoto.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

137
Requests

54 %
HTTPS

0 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

2765 kB
Transfer

4829 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://telegramtoto.com/ HTTP 301
http://www.telegramtoto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png HTTP 302
https://kffhealthnews.org/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png

Request Chain 25

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1

Request Chain 26

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1

Request Chain 27

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1

Request Chain 28

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1

Request Chain 29

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1

Request Chain 30

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1

Request Chain 31

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1

Request Chain 32

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1

Request Chain 33

http://www.telegramtoto.com/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1

Request Chain 34

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1

Request Chain 35

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1

Request Chain 36

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1

Request Chain 37

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1

Request Chain 38

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1

Request Chain 39

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1

Request Chain 40

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg

Request Chain 41

http://www.telegramtoto.com/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1

Request Chain 42

http://www.telegramtoto.com/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100

Request Chain 43

http://www.telegramtoto.com/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100 HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100

Request Chain 68

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/04/2023_contact-general.png HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-general.png

Request Chain 69

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png HTTP 302
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png

Request Chain 81

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/dh HTTP 301
https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

137 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.telegramtoto.com/
Redirect Chain

http://telegramtoto.com/
http://www.telegramtoto.com/

85 KB
23 KB

729ms
535ms

Document
text/html

154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: d6d5e8dc90556154970ea015a160f0a0a3cbb6fd0809ae9bc98cadb587f1d581

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=gbk
Date: Thu, 26 Oct 2023 21:31:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 26 Oct 2023 21:31:31 GMT
Location: http://www.telegramtoto.com/
Server: nginx

GET
H/1.1 200
OK style.min.css
www.telegramtoto.com/wp-includes/css/dist/block-library/ 102 KB
17 KB 599ms
594ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 116a57b4d8e4823dfd18e96d47819d5af2f0bad8ec53f43201ac20384983c382

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK style-index.css
www.telegramtoto.com/wp-content/plugins/kff-common/build/promo/ 22 KB
5 KB 598ms
593ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/plugins/kff-common/build/promo/style-index.css?ver=0.1.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0188c244faa1e06e229e4e72f79d57a7cb2fc1cd88fd47d2040706bbdd442aff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
www.telegramtoto.com/wp-includes/js/mediaelement/ 11 KB
3 KB 597ms
593ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 06fceda118e587bb3828e251effab29487aa3890279447621a44d15942b9ab3b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK wp-mediaelement.min.css
www.telegramtoto.com/wp-includes/js/mediaelement/ 4 KB
2 KB 595ms
591ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.3.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: c44b191a65523b90761de500a5cbc62ebafde56242c6a0c25ca6782c46a39ac0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK related-posts-block-styles.min.css
www.telegramtoto.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 224 B
543 B 596ms
592ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?ver=4.2.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 54bfc7621a4da3c0a6a72ddce3297612a5b8b4c0b687ca6609cb715bf8e23fc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK style.css
www.telegramtoto.com/wp-content/plugins/kaiser-hubspot/assets/css/ 4 KB
1 KB 232ms
198ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/plugins/kaiser-hubspot/assets/css/style.css?ver=1.0.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 47792e7c20d5725e45bbd87c416fd18e33d4f76caa3631a9737e8040c2198cf4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK khn.css
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/ 637 KB
94 KB 598ms
365ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/khn.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: d7cdfbcd2796e4bf663c912976cee23121c9c3138df1aceafc58f46793d5a4dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 918ms
101ms Stylesheet
text/css 74.125.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400i%2C700%2C700i%7CSource+Sans+Pro%3A300%2C400%2C400i%2C600%2C700%2C&ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9

Requested by

Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f95.1e100.net

Software

ESF /

Resource Hash

cc7995e2bcfea6fbd2ae9ecc426e1a0bb96bb6682fa85c95509d9688f9ffcea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.telegramtoto.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 26 Oct 2023 21:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 21:31:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Oct 2023 21:31:33 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/ 31 KB
8 KB 755ms
153ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 60eadcd6bd4af906533bf34e9769f46c4fd588062e172b25712d1e75c0c534ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
8 KB 908ms
92ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css?ver=6.3.2

Requested by

Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 10:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8060
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 10:10:19 GMT

GET
H/1.1 200
OK videojs-pip.css
players.brightcove.net/videojs-pip/1/ 913 B
1016 B 916ms
101ms Stylesheet
text/css 23.72.45.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-pip/1/videojs-pip.css?ver=2.8.3
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.28 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aecfebb58655e1607358f9701c36c07299d6c5d0f619bc78080d073683043d5a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: WMGcm7sYw.eQeC68.dxwoyTBFV87VYmx
Content-Encoding: gzip
Date: Thu, 26 Oct 2023 21:31:33 GMT
x-amz-request-id: 6M483QT43HY5WS1R
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 323
x-amz-id-2: 7/eH3KzFZM5VHDNWl6J2z/4706tOhGukvwMRr4sJfjJbZSeArheyXkSUyrGoojZ29QWdxW0wHX4bu4+gT12k6NQNm+orXnZZw2Vx5R9l4h4=
X-BCOV-Response-Mode: 1
X-Served-By: cache-qpg1236-QPG
Last-Modified: Thu, 11 Aug 2022 17:08:52 GMT
Server: AmazonS3
X-Timer: S1678081635.533984,VS0,VE0
ETag: "2a536ec50ae8c14c76f9177e52fc9c11"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=12
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK brightcove_playlist.min.css
www.telegramtoto.com/wp-content/plugins/brightcove-video-connect/assets/css/ 617 B
676 B 755ms
153ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/plugins/brightcove-video-connect/assets/css/brightcove_playlist.min.css?ver=2.8.3
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 21a025608011dacef8150bb8181241e5dab9eb605e71d978643e4547e0c83bbe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK social-logos.min.css
www.telegramtoto.com/wp-content/mu-plugins/jetpack-12.6/_inc/social-logos/ 12 KB
8 KB 761ms
159ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/mu-plugins/jetpack-12.6/_inc/social-logos/social-logos.min.css?ver=12.6.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 82c93d7d923aee9321ce2f750d2e365add1c7206fd06ea757953724ea2999cb8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK sharedaddy.css
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/ 1 KB
915 B 756ms
154ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/sharedaddy.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c5a2f189f78f2c085cf2ea0c79e791ac765699e6d3099c651217668d370b7d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jetpack.css
www.telegramtoto.com/wp-content/mu-plugins/jetpack-12.6/css/ 98 KB
22 KB 771ms
169ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/mu-plugins/jetpack-12.6/css/jetpack.css?ver=12.6.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: c1025a50183c93dc7febc3015e7b60351214007846699fea22f28d78ebb7a8c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ 93 KB
35 KB 791ms
184ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: ff8aedabb741fd7c17348bcfa846f2acabd6ccfdac358e2644820d940f61fea4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ 14 KB
6 KB 939ms
184ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 915e3a729aba509de39b031657bb81c4456eda5d7290206b683ed889d61f31b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/ 38 KB
12 KB 955ms
199ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/bootstrap.min.js?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: fc4ab3e7723a38464750cdc759a48ef1895c621d265a9641b46cec8599694e55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK global.js Show response
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/ 8 KB
3 KB 940ms
179ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/global.js?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 4928ecf1ce27b8ecbba06af657f84e374babdef620edfab35861adacf1ee7b58

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK global.bundle.min.js Show response
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/ 20 KB
6 KB 943ms
179ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/js/global.bundle.min.js?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 98b7cd3159f27b659b43703a0c394520a4717cce125d5a94958b6bb192d15519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK aronn226.js Show response
154.92.239.226/ 2 KB
1 KB 592ms
590ms Script
application/javascript 154.92.239.226
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://154.92.239.226/aronn226.js
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.226 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 812866e7dc2c7564b1301ad7e84ee398f6730d71f148fc84974df07ade936dde

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 21:31:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2023 11:33:32 GMT
Server: nginx
ETag: W/"653a4e8c-7c9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 27 Oct 2023 09:31:33 GMT

GET
H/1.1 200
OK kffhealthnews-logo-reverse.svg
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/ 4 KB
4 KB 161ms
159ms Image
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo-reverse.svg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK kffhealthnews-logo.svg
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/ 4 KB
4 KB 144ms
143ms Image
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.svg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

kffhealthnews-logo.png
kffhealthnews.org/wp-content/themes/kaiser-healthnews-2017/static/images/
Redirect Chain

http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png
https://kffhealthnews.org/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png

5 KB
5 KB

362ms
91ms

Image
image/png

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 794a12c24e51cc62a3cc3ee3bec4fe663eed1d5bdf3e76ac2b3265c4169a3a80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:34 GMT
x-rq: sin2 123 242 443
last-modified: Wed, 30 Aug 2023 15:10:57 GMT
server: nginx
etag: "64ef5c01-12ca"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4810

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/themes/kaiser-healthnews-2017/static/images/kffhealthnews-logo.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK print.css
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/ 2 KB
1 KB 177ms
177ms Stylesheet
text/css 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/print.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 76a1b6b30efc71f84dbae0b1640f60a55942a817c2bb0a5308a3da6b4a2c889e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

GettyImages-613147888.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1

26 KB
26 KB

361ms
91ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b38973e1b823a5b866b6908f81079864ff964360f61fb0c93fa68cdd4d4bd92

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:34 GMT
x-rq: sin2 115 147 443
last-modified: Thu, 26 Oct 2023 09:09:29 GMT
server: nginx
etag: "b6fa4ca12f5b644c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26342

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-613147888.jpg?w=570&h=380&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Hegstrom-resized.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1

7 KB
7 KB

115ms
115ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cc24acea57a0ac09feba8117b2a6d28d16eea056440420387d42b14a82677182

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Thu, 26 Oct 2023 09:04:57 GMT
server: nginx
etag: "18e91ec1e4be6d73"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7450

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Hegstrom-resized.jpg?w=270&h=180&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Porter-resized.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1

14 KB
15 KB

95ms
95ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ffb34c35f7ac60d1b832f6c43a818f3f230c5889e3afa5e0714ba606b97054d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Wed, 25 Oct 2023 09:03:44 GMT
server: nginx
etag: "e3d02bbf47cf4383"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14730

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Porter-resized.jpg?w=270&h=180&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

GettyImages-1461443672-resized.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1

6 KB
6 KB

103ms
103ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0431e0ff2408302d2891e7f42de5e5d8192c174d26adf0f8a80403ceb874f308

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 147 443
last-modified: Wed, 25 Oct 2023 09:03:44 GMT
server: nginx
etag: "1dba7fdf5ed219d3"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5824

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-1461443672-resized.jpg?w=270&h=180&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Rosenquist_03-resized-2400.jpeg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1

16 KB
16 KB

94ms
94ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a82b0a785e9986785cebae24340cfa131672e6cf305beb29f4b17138d7d87b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 147 443
last-modified: Tue, 24 Oct 2023 15:52:01 GMT
server: nginx
etag: "e302089bc8104ab9"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16560

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Rosenquist_03-resized-2400.jpeg?w=270&h=180&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Justina_Worrell.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/09/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1

35 KB
36 KB

97ms
97ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 77c94b258544d4b6c0ac6239d347a403006783050226aa242070c16cdf8cb881

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 112 213 443
last-modified: Fri, 20 Oct 2023 13:51:30 GMT
server: nginx
etag: "e9f423c840f2f17a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36164

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/09/Justina_Worrell.jpg?w=570&h=380&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Street-medicine24_3840x2560web.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1

139 KB
139 KB

115ms
114ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 565b84baccd51b23a2f1719137d8e4cc7fb1b5754472d425b4310fad91eb8742

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Tue, 24 Oct 2023 00:39:52 GMT
server: nginx
etag: "2318d3b94b4223ce"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 142168

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Street-medicine24_3840x2560web.jpg?w=840&h=430&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Excited-Delirium04_web.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1

44 KB
45 KB

138ms
138ms

Image
image/jpeg

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a730e7a0d42b7667711738ca812a7a1f99d970bc8d1e4a27fc91d3a3d4ebf27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 118 85 443
last-modified: Tue, 24 Oct 2023 00:39:52 GMT
server: nginx
etag: "7d1af716c16c8aa6"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 45336

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Excited-Delirium04_web.jpg?w=570&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sc_readmissionsFY2022-CA_250x300.png
kffhealthnews.org/wp-content/uploads/sites/2/2021/11/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1

19 KB
19 KB

138ms
138ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6fdcb3b79c2a02da57ede7bc3288b01f99684bff0b0d7a9793ede977cb30057f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Fri, 20 Oct 2023 13:51:31 GMT
server: nginx
etag: "7fd1f9efbfe2d092"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19586

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2021/11/sc_readmissionsFY2022-CA_250x300.png?w=250&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Vibrio-vulnificus-resized.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1

4 KB
4 KB

140ms
139ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b338633d5effc9b60162e2c85859def3711c841f65be8199085b7cb3a327a626

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Tue, 24 Oct 2023 00:39:52 GMT
server: nginx
etag: "86b2988a3a8734e0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3678

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Vibrio-vulnificus-resized.jpg?w=250&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Bobbitt.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1

15 KB
15 KB

99ms
99ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fba82461a382def021d9cb7167d6c175ba7d9c43eced2f56c38676ead5a35108

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Tue, 24 Oct 2023 00:39:52 GMT
server: nginx
etag: "3acad0e779646325"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15106

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Bobbitt.jpg?w=570&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Exactech03_3840x2560web.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1

24 KB
24 KB

101ms
100ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2080747a81d8626bd33c276de5db76389db9075e6415aadd41f88fcf55a45010

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 120 443
last-modified: Tue, 24 Oct 2023 00:39:53 GMT
server: nginx
etag: "96395ffb6735060d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24826

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/Exactech03_3840x2560web.jpg?w=570&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

GettyImages-560116077-resized.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1

10 KB
10 KB

143ms
142ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 223729c890d7096dd1891deb3f7c74f6fa8c0e2df44f65375b45cdb516279d02

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 116 203 443
last-modified: Tue, 24 Oct 2023 00:39:53 GMT
server: nginx
etag: "e9f517ce938d4c20"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10144

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/GettyImages-560116077-resized.jpg?w=250&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sc_Kristie-Fields_250x300.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/02/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1

19 KB
19 KB

126ms
126ms

Image
image/jpeg

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d9bae99261b05cc91ca4c998ff073e49274fdca40d68e0d031d383fc71cd663c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 116 203 443
last-modified: Fri, 20 Oct 2023 13:51:31 GMT
server: nginx
etag: "d5740350f0820931"
vary: Accept
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19102

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_Kristie-Fields_250x300.jpg?w=250&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sc_BOTM-Sept2023_840x2560web.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/02/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1

19 KB
19 KB

127ms
127ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a723aff3483baa9295d29465b79ebe10c4a55a669b18a8631838a63ba5a572f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 118 52 443
last-modified: Fri, 20 Oct 2023 13:51:31 GMT
server: nginx
etag: "2aa03c763c6de213"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19380

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/02/sc_BOTM-Sept2023_840x2560web.jpg?w=570&h=300&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

CartoonStock_587153_CS182002.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2023/10/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg

271 KB
272 KB

96ms
96ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bf4765178827dac393fec97dd0bce7011ac7e31308ffbd666690cc3ced9adbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 113 87 443
last-modified: Thu, 26 Oct 2023 09:09:30 GMT
server: nginx
etag: "10cb944a7269fc83"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 277924

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/10/CartoonStock_587153_CS182002.jpg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

judygraham_100x100.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2016/08/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1
https://kffhealthnews.org/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1

2 KB
2 KB

125ms
125ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f4fbbe001cca3eb9d5c4b82f43fc5da92dea743a74af8e5831bba0292126c127

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 113 149 443
last-modified: Fri, 20 Oct 2023 13:51:31 GMT
server: nginx
etag: "8593e74ee5a7ef80"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2226

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2016/08/judygraham_100x100.jpg?w=100&h=100&crop=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Asking-Never-Hurts2022-1.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2022/12/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100
https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100

2 KB
2 KB

134ms
134ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ad908b94154a1a89005bdfe9a580231667a99c7b31822fb9ffe9938d5aaaa8fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 147 443
last-modified: Fri, 20 Oct 2023 15:01:33 GMT
server: nginx
etag: "db5a7913ae828b34"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2252

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/Asking-Never-Hurts2022-1.jpg?resize=100,100
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

HealthBent-2022-1.jpg
kffhealthnews.org/wp-content/uploads/sites/2/2022/12/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100
https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100

2 KB
2 KB

129ms
128ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bf4578da3953a1a036032e10bbe23f7ca7917b7e4e4a66c21ed3b23f4b81ecc1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:35 GMT
x-rq: sin2 115 147 443
last-modified: Fri, 20 Oct 2023 15:02:18 GMT
server: nginx
etag: "68d31a13f0d98ae2"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1918

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2022/12/HealthBent-2022-1.jpg?resize=100,100
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK wp-polyfill-inert.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/vendor/ 9 KB
3 KB 165ms
156ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d523c7a2e486701b9b8ca31c66d6748feb42466aceb730b089fff598a4b3772

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/vendor/ 7 KB
3 KB 156ms
148ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 698ef839823efe128ae81afaaf84c89c34ea6a51e811fba9bd97d2d0cbcc5189

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/vendor/ 18 KB
7 KB 145ms
145ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: b22ea3f50fdf80497bd39c88f2ec0df8814ae8d9daefd03a0b1205429785feba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK hooks.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/ 5 KB
2 KB 143ms
142ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 10544f08485a40d33ca08cd5c9f29d6f89c601ea3e91b83a2ff75215a852cee4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK i18n.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/ 10 KB
4 KB 139ms
139ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: b31dbf5f6a87624b04177ccc61ecc976e21cbf2dd74841bbe3c496437809e92e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK index.js Show response
www.telegramtoto.com/wp-content/plugins/kaiser-health-news-common/build/example-entry/ 2 B
443 B 180ms
180ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/plugins/kaiser-health-news-common/build/example-entry/index.js?ver=31d6cfe0d16ae931b73c
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK form.js Show response
www.telegramtoto.com/wp-content/plugins/kaiser-hubspot/assets/js/ 8 KB
3 KB 139ms
139ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/plugins/kaiser-hubspot/assets/js/form.js?ver=1.0.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 5be5b91d6a04e4896f9c957f3f839e98b6fe73a4a430da1b34d952d7233086d8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK core.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ui/ 22 KB
8 KB 146ms
146ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ac93af9248b020cb22e35000f4851493fbee3a84ef5328dc0a701ca467b71f8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK effect.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ui/ 18 KB
7 KB 145ms
144ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: ad4e1a167d8e9f95d237b1f12dfb0a64add386a91e9f98f749eee9939ca2e419

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ui/ 11 KB
4 KB 159ms
159ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: fa04523aed1b774f995a4fc429facfba2871871e7ab50193bbb59ca9030f29a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK dom-ready.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/ 560 B
788 B 145ms
145ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbe7bbe7d61b58d37a0b666b3fd17b7ab53eb0047bae5837db07036647ea40c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK a11y.min.js Show response
www.telegramtoto.com/wp-includes/js/dist/ 3 KB
1 KB 163ms
163ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: c7ef3b7ed31a2b56e7a678b412e0a7920a322faebd5a2bad1c233ef32a01ac49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK autocomplete.min.js Show response
www.telegramtoto.com/wp-includes/js/jquery/ui/ 9 KB
4 KB 142ms
142ms Script
text/javascript 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: f5e3196b15bafe0b2b427099e25264fa0a00e09e5104ac71ef4f34f8dfc4765b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 833ms
232ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?192d87d949c939be9b3f426ac3211ab0

Requested by

Host: 154.92.239.226
URL: http://154.92.239.226/aronn226.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b50f1beac4e0b89f00f7e069b1a1a285b26a1a0794a5feebe8a80343cebd35f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 8d6b3bc46158e23c5c9b9f82e012f830
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11261

GET
H2 200 / Show response
xn--becrfy2b5bzfbd.xn--gecrj9c/ Frame 925A 28 KB
11 KB 1717ms
469ms Document
text/html 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo

Requested by

Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

90c0e1f107fb41c9ea8e94d7caad336bf5c9cc6a3c1e4008e1cb8e68cf2768e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

Referer: http://www.telegramtoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 11415
content-type: text/html
date: Thu, 26 Oct 2023 21:24:26 GMT
etag: W/"653a5912-7053"
last-modified: Thu, 26 Oct 2023 12:18:26 GMT
server: nginx
strict-transport-security: max-age=25920000
vary: Accept-Encoding
x-cache: HIT from 74K

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
33 KB 680ms
108ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400i%2C700%2C700i%7CSource+Sans+Pro%3A300%2C400%2C400i%2C600%2C700%2C&ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 02:49:49 GMT
x-content-type-options: nosniff
age: 326505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 02:49:49 GMT

GET
H2 200 8eccff3d8ab2c86edcd7f06a052458cd Show response
embeds.kff.org/protected-iframe/ Frame A3D4 1 KB
882 B 551ms
97ms Document
text/html 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.kff.org/protected-iframe/8eccff3d8ab2c86edcd7f06a052458cd
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c9b5f6dec3be3973ad154d84622f45be5b086723f88d5015f388031daefb8c1

Request headers

Referer: http://www.telegramtoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 20862
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 684
content-type: text/html; charset=utf-8
date: Thu, 26 Oct 2023 21:31:34 GMT
server: nginx
vary: Accept-Encoding
x-cache: grace
x-rq: sin1 123 243 443

GET
H/1.1 200
OK icon-chevron.svg
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/ 1 KB
1 KB 194ms
151ms Image
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/icon-chevron.svg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/khn.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/khn.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK icon-search.svg
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/ 1 KB
1 KB 175ms
152ms Image
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/images/icon-search.svg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/khn.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/khn.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 700ms
151ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 03:34:33 GMT
x-content-type-options: nosniff
age: 237421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 03:34:33 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/ 76 KB
76 KB 222ms
167ms Font
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 749db22e67a4d9709235538d077ab4629a0fb15409b9ef6ba44bb4c9a67dd9f5

Request headers

Referer: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 743ms
195ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:12:40 GMT
x-content-type-options: nosniff
age: 253134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:12:40 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 728ms
181ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 06:39:30 GMT
x-content-type-options: nosniff
age: 139924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 06:39:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 714ms
168ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 22:14:41 GMT
x-content-type-options: nosniff
age: 256613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 22:14:41 GMT

GET
H2

200

2023_contact-general.png
kffhealthnews.org/wp-content/uploads/sites/2/2023/04/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/04/2023_contact-general.png
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-general.png

2 KB
2 KB

99ms
98ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-general.png
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c798ebb4c94b11bf4ff1b33687f2e166f1d453a07858e289582782ec98746717

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:36 GMT
x-rq: sin2 115 120 443
last-modified: Fri, 20 Oct 2023 15:02:18 GMT
server: nginx
etag: "51f93ee332de6fd1"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2298

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-general.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

2023_contact-tip.png
kffhealthnews.org/wp-content/uploads/sites/2/2023/04/
Redirect Chain

http://www.telegramtoto.com/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png
https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png

2 KB
3 KB

99ms
98ms

Image
image/webp

192.0.66.210
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Server: 192.0.66.210 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 810453ec31ab168edf81700cbf5571f3e9dbfb20e36afc128abca1a0490c8156

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:36 GMT
x-rq: sin2 116 203 443
last-modified: Fri, 20 Oct 2023 15:02:18 GMT
server: nginx
etag: "004177e096cd4f52"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2378

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://kffhealthnews.org/wp-content/uploads/sites/2/2023/04/2023_contact-tip.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/ 96 KB
97 KB 159ms
158ms Font
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: d33c152dd3dfa030d8f8176bdac86c138bb53e09227ea555409fd3c7aebbc96c

Request headers

Referer: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 653171c36a17f80012473bdb Show response
embed.acast.com/6155f849336c5f0012e51b95/ Frame 10E0 5 KB
3 KB 1226ms
546ms Document
text/html 3.160.188.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
Requested by: Host: embeds.kff.org
URL: https://embeds.kff.org/protected-iframe/8eccff3d8ab2c86edcd7f06a052458cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-96.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c48a8ad8cc2c2452ea1a735efd9147263b4be992c1c03fc73f26186eebb36505

Request headers

Referer: https://embeds.kff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=0
content-encoding: gzip
content-type: text/html
date: Thu, 26 Oct 2023 21:31:36 GMT
etag: W/"d01c4bb0da4c612a093d342b8b634079"
last-modified: Wed, 02 Aug 2023 13:45:33 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3a44dad7e9e127d6bbe2dd7957b682d8.cloudfront.net (CloudFront)
x-amz-cf-id: 1EJbALPlncUhMeRkpmv6x7BO4YcAvKZzm7HGBY0lIB7J7uzDO6DnMQ==
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

GET
H/1.1 200
OK fontawesome-webfont.ttf
www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/ 162 KB
101 KB 191ms
191ms Font
text/html 154.92.239.252
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Protocol: HTTP/1.1
Server: 154.92.239.252 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: a1071b34d35c76149348f1b6ca15284424c3f0ce5584307ea194af0ffbc04281

Request headers

Referer: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/css/font-awesome.min.css?ver=99f9545d77419e4010c6998e5ee884bd3d9e7cc9
Origin: http://www.telegramtoto.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 261ms
261ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=740730570&si=192d87d949c939be9b3f426ac3211ab0&v=1.3.0&lv=1&sn=16370&r=0&ww=1600&u=http%3A%2F%2Fwww.telegramtoto.com%2F&tt=%E6%BE%B3%E9%97%A8%E5%85%AD%E5%90%88%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C-%E6%BE%B3%E9%97%A8%E5%85%AD%E5%90%88%E5%BD%A9%E8%B5%B0%E5%8A%BF%E5%9B%BE-%E6%BE%B3%E9%97%A8%E5%85%AD%E5%90%88%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%B5%B0%E5%8A%BF%E5%9B%BE

Requested by

Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.telegramtoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 21:31:35 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 style.css
xn--becrfy2b5bzfbd.xn--gecrj9c/css/ Frame 925A 30 KB
8 KB 453ms
453ms Stylesheet
text/css 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/css/style.css

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

72d78e19fd23ca10bf2c1143eceddccb6eec634472c7a95e6126310ffa8de723

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:05 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 08:06:17 GMT
server: nginx
etag: W/"64ccb179-76a0"
vary: Accept-Encoding
x-cache: HIT from 74K
content-type: text/css
cache-control: max-age=43200
content-length: 7785
expires: Fri, 27 Oct 2023 09:30:05 GMT

GET
H2 200 dh.js Show response
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/ Frame 925A 14 KB
8 KB 469ms
469ms Script
application/javascript 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/dh/dh.js?time=444

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

320cdb9e509d42926738457c462478c93404defaa504e661d02b999653a72337

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:05 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 08:06:14 GMT
server: nginx
etag: W/"64ccb176-3765"
vary: Accept-Encoding
x-cache: HIT from 74K
content-type: application/javascript
cache-control: max-age=43200
content-length: 7937
expires: Fri, 27 Oct 2023 09:30:05 GMT

GET
H2 200 z.js Show response
v1.cnzz.com/ Frame 925A 11 KB
5 KB 1083ms
152ms Script
application/javascript 122.225.212.183
CT-HANGZHOU-IDC N...

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.cnzz.com/z.js?id=1281297434
Requested by: Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.225.212.183 , China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0ed5c21f843af53736f7e16ffd2c7cea7fdc316664adfd304064bb6747bb5581

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:28:59 GMT
via: cache49.l2cn1836[0,0,304-0,H], cache43.l2cn1836[0,0], cache121.cn3960[0,0,200-0,H], cache102.cn3960[1,0]
content-encoding: gzip
age: 156
x-swift-cachetime: 300
x-cache: HIT TCP_MEM_HIT dirn:0:1331584976
x-swift-savetime: Thu, 26 Oct 2023 21:29:00 GMT
content-length: 4780
server: Tengine
etag: W/"2177651142155176108"
vary: accept-encoding
ali-swift-global-savetime: 1698355740
content-type: application/javascript
cache-control: public, max-age=300
timing-allow-origin: *
eagleid: 7ae1d17a16983558968563726e

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 925A 273 KB
91 KB 736ms
110ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L0Y4ZFSB0F

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e744319defab14a5c566e2e097d29094fc981bbf793986c21720f37e898a6f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 21:31:36 GMT

GET
H2 200 fonts.css
cdn.acast.com/fonts/ Frame 10E0 14 KB
1 KB 1281ms
288ms Stylesheet
text/css 54.192.111.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acast.com/fonts/fonts.css
Requested by: Host: embed.acast.com
URL: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.111.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-111-122.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df8a872a6d0a6879c819e6278e4c68c32e4fb4013a5c738993bf89cd7c6bb4e8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 07:43:14 GMT
content-encoding: gzip
via: 1.1 7c67d002cb723179087e7a16d8fc7bae.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 30 Jul 2021 14:13:57 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P2
age: 3764903
etag: W/"6998eb780acb967553206e36813e0bd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: WpCIQWvEW0t5MJ_16GEMBjW7HSIm82ai96tWzapgHq3HqXq4K_MmmQ==

GET
H2 200 124.82df14bd.js Show response
embed.acast.com/ Frame 10E0 608 KB
165 KB 249ms
249ms Script
application/javascript 3.160.188.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.acast.com/124.82df14bd.js
Requested by: Host: embed.acast.com
URL: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-96.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67d46cfc1c7ca06c8c648251a067696258545ca597e6235c2dd7caf880756ce7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:59:22 GMT
content-encoding: gzip
via: 1.1 3a44dad7e9e127d6bbe2dd7957b682d8.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 13:45:35 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P5
age: 3839534
etag: W/"ff35fa6127280f5b91f1d099b6269fac"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 99gi9L2VRy4mGPI6_ulXBDnY4vEhRb1AEqodyDeSpj-J-airoIcmbg==

GET
H2 200 main.a7f00742.js Show response
embed.acast.com/ Frame 10E0 148 KB
40 KB 237ms
237ms Script
application/javascript 3.160.188.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.acast.com/main.a7f00742.js
Requested by: Host: embed.acast.com
URL: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-96.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22a4bd890f9baee6bad75bffc745612ed5a5d37a329c1249b93cf60d086d4e6b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:59:29 GMT
content-encoding: gzip
via: 1.1 3a44dad7e9e127d6bbe2dd7957b682d8.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 13:45:39 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P5
age: 3839528
etag: W/"67acfc37c7383ba7c0c24b375b5d7efd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: qxn7P5ggwZpIxNgFSLNEC7hFInR0swBIaf_S5KQObqjzKdyieGq4Cg==

GET
H2

200

/ Show response
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/ Frame A819
Redirect Chain

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/dh
https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

10 KB
2 KB

1428ms
319ms

Document
text/html

45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/dh/dh.js?time=444

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

554010cb22dee9c2dffeb74c474a077ba51aab59a8f3b815dd378017f6c4e906

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 1895
content-type: text/html
date: Thu, 26 Oct 2023 21:30:09 GMT
etag: W/"650fdc29-29be"
last-modified: Sun, 24 Sep 2023 06:50:17 GMT
server: nginx
strict-transport-security: max-age=25920000
vary: Accept-Encoding
x-cache: HIT from 74K

Redirect headers

content-length: 162
content-type: text/html
date: Thu, 26 Oct 2023 21:31:36 GMT
location: http://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
server: nginx
strict-transport-security: max-age=25920000
x-cache: MISS from 74K

GET
H2 404 search.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/images/ Frame 925A 548 B
548 B 497ms
496ms Image
text/html 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/images/search.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
content-encoding: br
date: Thu, 26 Oct 2023 21:31:36 GMT
server: nginx
x-cache: MISS from 74K
content-type: text/html

GET
H2 200 gbb.png
www-4935.com/appdons/ Frame 925A 496 B
829 B 1724ms
434ms Image
image/png 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-4935.com/appdons/gbb.png

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/?seoseo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f96ce3f2a157f3f4a3ed55f86e3d6f0564483d923819b61e2038a2256a9dded7

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:23:59 GMT
last-modified: Fri, 25 Aug 2023 15:48:53 GMT
server: Microsoft-IIS/8.5
etag: "9fc03aa66bd7d91:0"
x-powered-by: ASP.NET
x-cache: HIT from 74K
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 496

POST
H2 200 stat.htm
z6.cnzz.com/ Frame 925A 2 B
123 B 994ms
177ms Ping
text/html 223.109.148.174
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://z6.cnzz.com/stat.htm?id=1281297434&r=http%3A%2F%2Fwww.telegramtoto.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fxn--becrfy2b5bzfbd.xn--gecrj9c%3A9999%2F%3Fseoseo&t=%E3%80%90%EF%BC%94%EF%BC%99%E3%80%91%E5%AF%BC%E8%88%AA%E7%BD%91%EF%BC%81&umuuid=18b6de6627d318-0ced1998ad56a6-683a5c5a-1d4c00-18b6de6627e6ca&h=1
Requested by: Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281297434
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 223.109.148.174 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:37 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.js Show response
c.cnzz.com/ Frame 925A 880 B
856 B 241ms
240ms Script
application/javascript 122.225.212.183
CT-HANGZHOU-IDC N...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/c.js?web_id=1281297434&t=z
Requested by: Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281297434
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.225.212.183 , China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 130ab895e1d3ada89c3043b663fc1f4408e6acb1f49c97209532158fb96ae350

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:30:33 GMT
via: cache49.l2cn1836[0,0,304-0,H], cache58.l2cn1836[0,0], cache84.cn3960[0,0,200-0,H], cache102.cn3960[1,0]
content-encoding: gzip
age: 64
x-swift-cachetime: 319
x-cache: HIT TCP_MEM_HIT dirn:0:1410285645
x-swift-savetime: Thu, 26 Oct 2023 21:30:35 GMT
content-length: 573
server: Tengine
etag: W/"17176811633908806072"
vary: accept-encoding
ali-swift-global-savetime: 1698355833
content-type: application/javascript
cache-control: public, max-age=321
timing-allow-origin: *
eagleid: 7ae1d17a16983558971184204e

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 10E0 122 KB
47 KB 108ms
107ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TT4BJ34

Requested by

Host: embed.acast.com
URL: https://embed.acast.com/6155f849336c5f0012e51b95/653171c36a17f80012473bdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fdaa1c743202d0cde9a6d08632fe583db448ae8d9d991a42ac9cf91c5bc1254b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47796
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Oct 2023 21:31:37 GMT

OPTIONS
H2 204 653171c36a17f80012473bdb
feeder.acast.com/api/v1/shows/6155f849336c5f0012e51b95/episodes/ Frame 0
0 961ms
287ms Preflight 18.161.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://feeder.acast.com/api/v1/shows/6155f849336c5f0012e51b95/episodes/653171c36a17f80012473bdb?showInfo=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-97-18.mrs52.r.cloudfront.net
Software: nginx/1.23.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://embed.acast.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Authorization,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Punch-Cache
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 26 Oct 2023 21:31:38 GMT
server: nginx/1.23.4
via: 1.1 c1dea0aa72b287ac912450e6d64e135e.cloudfront.net (CloudFront)
x-amz-cf-id: PlrI6UP0YpAmvGb9Wu4UzoS_EcfpKOHSyOlF29jxx7Rg-h0gWizMtA==
x-amz-cf-pop: MRS52-P3
x-cache: Miss from cloudfront

GET
H2 200 653171c36a17f80012473bdb Show response
feeder.acast.com/api/v1/shows/6155f849336c5f0012e51b95/episodes/ Frame 10E0 12 KB
13 KB 650ms
650ms XHR
application/json 18.161.97.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://feeder.acast.com/api/v1/shows/6155f849336c5f0012e51b95/episodes/653171c36a17f80012473bdb?showInfo=true
Requested by: Host: embed.acast.com
URL: https://embed.acast.com/124.82df14bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-97-18.mrs52.r.cloudfront.net
Software: nginx/1.23.4 /
Resource Hash: 7cc47a930ba5f5fb594431c37c355ac035089a8132c08ff5a14db7324413f499

Request headers

Referer: https://embed.acast.com/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:31:38 GMT
via: 1.1 c1dea0aa72b287ac912450e6d64e135e.cloudfront.net (CloudFront)
x-feeder-cache: HIT Thu, 26 Oct 2023 18:35:45 GMT
x-amz-cf-pop: MRS52-P3
x-cache: RefreshHit from cloudfront
content-length: 12533
x-request-id: e2vY2UGaprA8l8uTS_ClmGRY2Uw3ZA3hrY2NbmN9BKBVO8meYql1fw==
server: nginx/1.23.4
etag: "f69d56db64e05c3505b71bdb26b14734/e4e3e5a434fe90023de1f64addeea984"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=120
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YGTy1d3fLoJoVTyxuCbWKj8un4Inw8RKGLLfBZM7FTAjIrI5gkZeBw==

GET
H2 200 style.css
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/ Frame A819 28 KB
7 KB 430ms
429ms Stylesheet
text/css 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/style.css

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

dd8058151c75aa3c52c48f46a1a75e64e6039c95aaf692ecbec587a529f8f026

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:09 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2023 05:54:32 GMT
server: nginx
etag: W/"64f57118-6e13"
vary: Accept-Encoding
x-cache: HIT from 74K
content-type: text/css
cache-control: max-age=43200
content-length: 6898
expires: Fri, 27 Oct 2023 09:30:09 GMT

GET
H2 404 sty1e.css
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/ Frame A819 0
0 726ms
726ms Stylesheet
text/html 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/sty1e.css

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
content-encoding: br
date: Thu, 26 Oct 2023 21:31:38 GMT
server: nginx
x-cache: MISS from 74K
content-type: text/html

GET
H2 200 jquery-1.11.2.min.js Show response
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/ Frame A819 94 KB
37 KB 428ms
428ms Script
application/javascript 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/jquery-1.11.2.min.js

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:09 GMT
content-encoding: gzip
last-modified: Fri, 04 Aug 2023 08:06:16 GMT
server: nginx
etag: W/"64ccb178-176de"
vary: Accept-Encoding
x-cache: HIT from 74K
content-type: application/javascript
cache-control: max-age=43200
content-length: 37499
expires: Fri, 27 Oct 2023 09:30:09 GMT

GET
DATA 200
OK truncated
/ Frame 10E0 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8142ec603e4c9b88e1e5567932091d8b52f36d0250e9085ad118c3a413a28fa6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 https%3A%2F%2Fassets.pippa.io%2Fshows%2F6155f849336c5f0012e51b95%2F1681229426526-679ec1c4b67797a7036e04233b263a2a.jpeg
thumborcdn.acast.com/FplESENQENVezZDR_3e5IjdDfiI=/150x150/ Frame 10E0 7 KB
7 KB 886ms
257ms Image
image/jpeg 54.192.111.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumborcdn.acast.com/FplESENQENVezZDR_3e5IjdDfiI=/150x150/https%3A%2F%2Fassets.pippa.io%2Fshows%2F6155f849336c5f0012e51b95%2F1681229426526-679ec1c4b67797a7036e04233b263a2a.jpeg
Requested by: Host: www.telegramtoto.com
URL: http://www.telegramtoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.111.68 -, , ASN (),
Reverse DNS
Software: Thumbor/6.7.5 /
Resource Hash: 92ee3c27255a2dec1fc545cd546a09f0c5332cf27343133f9893aca6808e1092

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:50:10 GMT
via: 1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
server: Thumbor/6.7.5
x-amz-cf-pop: MRS52-P2
age: 564089
etag: "d08cd3f3a1d1b24adcca8dc54ad483f7426f26cd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31556926,public
content-length: 6718
x-amz-cf-id: 4_W77QyPrH5NQn_9l0L98Zwo6xOM-Hyeaky0i5P7LCrj3AKHg_yb1Q==
expires: Sat, 19 Oct 2024 14:38:56 GMT

GET
H2 404 bg.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/ Frame A819 548 B
548 B 1066ms
1066ms Image
text/html 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/bg.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
content-encoding: br
date: Thu, 26 Oct 2023 21:31:39 GMT
server: nginx
x-cache: MISS from 74K
content-type: text/html

GET
H2 200 dh1.gif
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/ Frame A819 29 KB
29 KB 388ms
381ms Image
image/gif 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/dh1.gif

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

1c7d8fad3d9b303f610f49f666dbc4489d4531cd8df1e07e14def667820b97b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:35 GMT
last-modified: Tue, 05 Sep 2023 09:16:43 GMT
server: nginx
etag: "64f6f1fb-7344"
x-cache: HIT from 74K
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29508
expires: Sat, 25 Nov 2023 21:30:35 GMT

GET
H2 200 guge.gif
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/ Frame A819 15 KB
15 KB 443ms
435ms Image
image/gif 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/guge.gif

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

cb1b34470c9ce7de324c721a0b80d505bafa298dfe9f8d9e8b681424d9b7c8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:35 GMT
last-modified: Sun, 24 Sep 2023 06:05:02 GMT
server: nginx
etag: "650fd18e-3afb"
x-cache: HIT from 74K
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15099
expires: Sat, 25 Nov 2023 21:30:35 GMT

GET
H2 200 xg.png
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 31 KB
31 KB 492ms
485ms Image
image/png 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/xg.png

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

4ca5015305bd783617f9629e279eef127ae30c75338c7ca27220eae664d4c2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 29 Jul 2022 08:54:34 GMT
server: nginx
etag: "62e3a04a-7c75"
x-cache: HIT from 74K
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31861
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 tsp.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 21 KB
21 KB 552ms
545ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/tsp.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

13feb921e15c29aab13dea66d7cb0cd0fa6936ab98f611c84e93b177abcbf368

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:35 GMT
last-modified: Fri, 04 Aug 2023 08:06:46 GMT
server: nginx
etag: "64ccb196-52b6"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21174
expires: Sat, 25 Nov 2023 21:30:35 GMT

GET
H2 200 jct.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
19 KB 604ms
597ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/jct.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

ca939970631bc85e554a8f7c9cb777b40c6419970096c7ba3e14c75db140c83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:35 GMT
last-modified: Thu, 28 Jul 2022 07:36:18 GMT
server: nginx
etag: "62e23c72-4c78"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19576
expires: Sat, 25 Nov 2023 21:30:35 GMT

GET
H2 200 gjp.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 20 KB
20 KB 949ms
944ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/gjp.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

90011ba26499a314b785d5235571a48d5685c49a6806b0357510f704903504e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:33 GMT
server: nginx
etag: "64ccb189-4f5d"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20317
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 lbw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 22 KB
22 KB 1076ms
1071ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/lbw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

e59f257d6006cee0f92416de1002898852d2de75317700ed3982e383d3d4980e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:41 GMT
server: nginx
etag: "64ccb191-568f"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22159
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 zgl.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 20 KB
20 KB 836ms
831ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/zgl.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

13fdac81ec84225e3d01141d4439e6935099ba8710421bb8811c295a0ca65c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:50 GMT
server: nginx
etag: "64ccb19a-4f91"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20369
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 hdx.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 18 KB
19 KB 1108ms
1103ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/hdx.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

3fe19bea1717385161d1d796662a327d26c6ce7491a2103dce82cfcb491963bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:35 GMT
server: nginx
etag: "64ccb18b-4981"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18817
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 bxj.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 16 KB
16 KB 1037ms
1031ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/bxj.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

8e76b4fde746a4c9c9bb9f603e37089a8940054ead40bb02f3679c6bbb40fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:21 GMT
server: nginx
etag: "64ccb17d-3f9c"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16284
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 zdr.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
20 KB 1092ms
1087ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/zdr.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

b437fbe47a3715560414106f0bf9f1cfc0d383aa816523dbaa35a9ace4880e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:49 GMT
server: nginx
etag: "64ccb199-4de9"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19945
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 esl.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 48 KB
48 KB 759ms
754ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/esl.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

f7a4c19c44f0b2123505690ec21bc7b9a59ba055bd49896b5be13930ee346eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Wed, 16 Aug 2023 14:40:28 GMT
server: nginx
etag: "64dcdfdc-be87"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48775
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 dxw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 21 KB
21 KB 1151ms
1147ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/dxw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

2583363ae215d24b30dca9de2d311183309ef362c1fef3cb449cff85bfc4da98

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:27 GMT
server: nginx
etag: "64ccb183-533e"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21310
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 wzw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 16 KB
16 KB 662ms
656ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/wzw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

0333582ad137d0473cdb5a450644ad48679e3be50140866464e95646940bfd3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:47 GMT
server: nginx
etag: "64ccb197-3eba"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16058
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 kjw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 29 KB
29 KB 1140ms
1135ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/kjw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

7b9b84fc5ef5545f1d5c5ff7af91c1138ec9d7db590f511b6fbbcab7aa014cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:40 GMT
server: nginx
etag: "64ccb190-7200"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29184
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 jsp.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 23 KB
23 KB 1156ms
1151ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/jsp.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

e65850e54f24c6574377b085a8e7ec5464d1a9c896a1fafd1157a0ce1ba3350c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:39 GMT
server: nginx
etag: "64ccb18f-5b1f"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23327
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 ddjr.png
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 34 KB
34 KB 739ms
733ms Image
image/png 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ddjr.png

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

f653596799d322d1bb1e49f31b3cb803f10f05c5822d70cc196d7af25af08d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:35 GMT
last-modified: Fri, 04 Aug 2023 08:06:25 GMT
server: nginx
etag: "64ccb181-86c5"
x-cache: HIT from 74K
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34501
expires: Sat, 25 Nov 2023 21:30:35 GMT

GET
H2 200 am.png
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 32 KB
32 KB 1167ms
1163ms Image
image/png 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/am.png

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

20f4438ae15593e245e9de0dcaf04c41937867e5e0fc01f969f8082147d81a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 29 Jul 2022 08:59:13 GMT
server: nginx
etag: "62e3a161-7fdd"
x-cache: HIT from 74K
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32733
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 gxh.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 16 KB
17 KB 913ms
907ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/gxh.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

e54ddc28b60fc3d70816fc4f259d5bc8fb8ae4a5e6a2477e01d02ec99bf68b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:34 GMT
server: nginx
etag: "64ccb18a-40f3"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16627
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 ssz.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
17 KB 779ms
773ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ssz.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

eb0f015fe8cb70f0628bb729d910c75df5a87f205381c99b7c169a66bacd791e

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:44 GMT
server: nginx
etag: "64ccb194-43f3"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17395
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 fhw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
18 KB 1055ms
1050ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/fhw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

ef47a315f1996afe7c82f9d20c4ca356baa0ce9fb37723e87ac3eabb8b57fca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:30 GMT
server: nginx
etag: "64ccb186-45d1"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17873
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 dsb.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 15 KB
15 KB 879ms
874ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/dsb.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

66ffa63d5b51be3df60bce90d273798b68aca77fea5f5626701ea2103b634204

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:26 GMT
server: nginx
etag: "64ccb182-3a4d"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14925
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 mzg.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
17 KB 1067ms
1062ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/mzg.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

946d6d11f4f2114879030f349f518c1a20513ed73899ab342deab3d400e11964

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:42 GMT
server: nginx
etag: "64ccb192-42ee"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17134
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 dlm.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
20 KB 966ms
960ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/dlm.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

4f830d205be6d2cbbda73080c6b9a2f1847bc0d017c327362461048bea5c981f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:26 GMT
server: nginx
etag: "64ccb182-4d4e"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19790
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 qdd.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
17 KB 950ms
944ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/qdd.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

0814c01623bdab12cc042e6d4ce8565799f41e396d06d7f7a1a811dd6fae4c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:36 GMT
last-modified: Fri, 04 Aug 2023 08:06:43 GMT
server: nginx
etag: "64ccb193-4437"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17463
expires: Sat, 25 Nov 2023 21:30:36 GMT

GET
H2 200 jdb.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 15 KB
16 KB 1148ms
1144ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/jdb.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

864c402103d9d02c793927c68ca1d46ad3f6fe4ef89a6d9a9e22ff5a5c46b349

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:38 GMT
server: nginx
etag: "64ccb18e-3db3"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15795
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 zyh.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
18 KB 698ms
692ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/zyh.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

a26e6f456795cd1aeb320d40e3c7ee38a550f6d9c41570154e5613f65ee85bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:51 GMT
server: nginx
etag: "64ccb19b-458d"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17805
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 jbp.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
19 KB 859ms
853ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/jbp.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

584c24060b2eab25a5957e536abc125a4732cb43555eebb12bbbdeae733d55b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:36 GMT
server: nginx
etag: "64ccb18c-4bd8"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19416
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 jgf.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 26 KB
26 KB 1125ms
1120ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/jgf.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

a176f141daf74229c6be3ab345d2de4e72271cf5496b24b4da799ded0f766bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:39 GMT
server: nginx
etag: "64ccb18f-6890"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26768
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 cmw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 18 KB
18 KB 895ms
889ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/cmw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

2403f6e15ed786392121ee6929cd4f05d37ef0ef3003a1e81d27c91c0a0997e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:23 GMT
server: nginx
etag: "64ccb17f-477e"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18302
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 cbw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 22 KB
22 KB 1081ms
1076ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/cbw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

8535f4c24596b10813bdde488de3e86fda54338f499f822835ec906d45e6e612

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Sat, 05 Aug 2023 15:35:28 GMT
server: nginx
etag: "64ce6c40-5696"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22166
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 csw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
20 KB 1064ms
1059ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/csw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

96a15590b67fc33d5ff3ec9758bf1dbadb5a2802bd190bb23c33f3c83509c96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:24 GMT
server: nginx
etag: "64ccb180-4cdd"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19677
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 yqs.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 17 KB
18 KB 1047ms
1042ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/yqs.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

b0f90a0e9f6cb68a44b2b454b2e1437040358ef0a6b5fcd3d9d68d098e657d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:48 GMT
server: nginx
etag: "64ccb198-456b"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17771
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 dyj.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 20 KB
21 KB 1088ms
1083ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/dyj.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

a1e2778c037917370dab92cefec4f6e7ed2beff42d2de4b36c9844d4858a753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:28 GMT
server: nginx
etag: "64ccb184-51b3"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20915
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 gdh.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 21 KB
21 KB 1132ms
1127ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/gdh.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

1e7b0c4a198920fb9c1d479e4b6048cbec1ceaf60a8240130fc4de10645b19ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:32 GMT
server: nginx
etag: "64ccb188-5273"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21107
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 ztw.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 18 KB
18 KB 798ms
792ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ztw.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

453c139c4da1c955642b48a9ae809119e6f86279fd30073f49f73158acc2a3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:50 GMT
server: nginx
etag: "64ccb19a-4726"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18214
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 dhwz.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 56 KB
57 KB 1162ms
1158ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/dhwz.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

010d2e72519341c85dc9f8ceda7a5878c2f8b517574337081e18e2d6e49ace5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Sat, 05 Aug 2023 11:47:37 GMT
server: nginx
etag: "64ce36d9-e140"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57664
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 tkdq.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 19 KB
19 KB 819ms
814ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/tkdq.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

3ee8b1f9007f716f2844634e3cdddcacf93ca8eff1b3895ceb66ae650ce08c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:45 GMT
server: nginx
etag: "64ccb195-4bb1"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19377
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 gcjl.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 30 KB
30 KB 1111ms
1107ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/gcjl.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

a5d0089f573ae2e4442698991d8685c362e3c48ae39f86db2f5e7421a7be8033

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:31 GMT
server: nginx
etag: "64ccb187-77f2"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30706
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET
H2 200 acjl.jpg
xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/ Frame A819 30 KB
31 KB 1116ms
1112ms Image
image/jpeg 45.156.221.3
DAFEIYUN_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/img/acjl.jpg

Requested by

Host: xn--becrfy2b5bzfbd.xn--gecrj9c
URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.156.221.3 , United States, ASN61368 (DAFEIYUN_AS, GB),

Reverse DNS

gpswing.com

Software

nginx /

Resource Hash

b271094bb52976aab8cc6f29792ef87054fdf6508a27d7c34b34a4ef296c5e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=25920000
date: Thu, 26 Oct 2023 21:30:37 GMT
last-modified: Fri, 04 Aug 2023 08:06:20 GMT
server: nginx
etag: "64ccb17c-78c0"
x-cache: HIT from 74K
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30912
expires: Sat, 25 Nov 2023 21:30:37 GMT

GET add_favorite
/ Frame A819 0
0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumborcdn.acast.com/FplESENQENVezZDR_3e5IjdDfiI=/150x150/https%3A%2F%2Fassets.pippa.io%2Fshows%2F6155f849336c5f0012e51b95%2F1681229426526-679ec1c4b67797a7036e04233b263a2a.jpeg
Requested by: Host: embed.acast.com
URL: https://embed.acast.com/124.82df14bd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.111.68 -, , ASN (),
Reverse DNS
Software: Thumbor/6.7.5 /
Resource Hash: 92ee3c27255a2dec1fc545cd546a09f0c5332cf27343133f9893aca6808e1092

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://embed.acast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 05:06:41 GMT
via: 1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
server: Thumbor/6.7.5
x-amz-cf-pop: MRS52-P2
age: 318299
etag: "d08cd3f3a1d1b24adcca8dc54ad483f7426f26cd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31556926,public
content-length: 6718
x-amz-cf-id: SIvKgZ_se6VLN0ggRdayG2h7xV7SNLze4LIn_Tas97vEYCiO0PGSfg==
expires: Tue, 22 Oct 2024 10:55:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: add_favorite
URL: ext:add_favorite

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.telegramtoto.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9np235daaklstp6uvr1de6ia47
.hm.baidu.com/	1970-01-21 01:21:55	Name: HMACCOUNT_BFESS Value: 505CAD2B7DBB761F
.www.telegramtoto.com/	1970-01-21 00:31:31	Name: Hm_lvt_192d87d949c939be9b3f426ac3211ab0 Value: 1698355895
.www.telegramtoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_192d87d949c939be9b3f426ac3211ab0 Value: 1698355895

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.telegramtoto.com/ Message: Failed to decode downloaded font: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.woff2?v=4.7.0
other	warning	URL: http://www.telegramtoto.com/ Message: OTS parsing error: invalid sfntVersion: 538998607
other	warning	URL: http://www.telegramtoto.com/ Message: Failed to decode downloaded font: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.woff?v=4.7.0
other	warning	URL: http://www.telegramtoto.com/ Message: OTS parsing error: invalid sfntVersion: 538998607
other	warning	URL: http://www.telegramtoto.com/ Message: Failed to decode downloaded font: http://www.telegramtoto.com/wp-content/themes/kaiser-healthnews-2017/static/fonts/fontawesome-webfont.ttf?v=4.7.0
other	warning	URL: http://www.telegramtoto.com/ Message: OTS parsing error: invalid sfntVersion: 538968065
network	error	URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c:9999/images/search.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/sty1e.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xn--becrfy2b5bzfbd.xn--gecrj9c/dh/images/bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

add_favorite
ajax.googleapis.com
c.cnzz.com
cdn.acast.com
embed.acast.com
embeds.kff.org
feeder.acast.com
fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
kffhealthnews.org
players.brightcove.net
telegramtoto.com
thumborcdn.acast.com
v1.cnzz.com
www-4935.com
www.googletagmanager.com
www.telegramtoto.com
xn--becrfy2b5bzfbd.xn--gecrj9c
z6.cnzz.com
add_favorite
103.235.46.191
122.225.212.183
142.251.10.95
154.92.239.226
154.92.239.252
172.217.194.94
18.161.97.18
192.0.66.2
192.0.66.210
223.109.148.174
23.72.45.28
3.160.188.96
45.156.221.3
54.192.111.122
54.192.111.68
74.125.68.95
74.125.68.97
010d2e72519341c85dc9f8ceda7a5878c2f8b517574337081e18e2d6e49ace5b
0188c244faa1e06e229e4e72f79d57a7cb2fc1cd88fd47d2040706bbdd442aff
0333582ad137d0473cdb5a450644ad48679e3be50140866464e95646940bfd3e
0431e0ff2408302d2891e7f42de5e5d8192c174d26adf0f8a80403ceb874f308
06fceda118e587bb3828e251effab29487aa3890279447621a44d15942b9ab3b
0814c01623bdab12cc042e6d4ce8565799f41e396d06d7f7a1a811dd6fae4c98
0bf4765178827dac393fec97dd0bce7011ac7e31308ffbd666690cc3ced9adbf
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0ed5c21f843af53736f7e16ffd2c7cea7fdc316664adfd304064bb6747bb5581
10544f08485a40d33ca08cd5c9f29d6f89c601ea3e91b83a2ff75215a852cee4
116a57b4d8e4823dfd18e96d47819d5af2f0bad8ec53f43201ac20384983c382
130ab895e1d3ada89c3043b663fc1f4408e6acb1f49c97209532158fb96ae350
13fdac81ec84225e3d01141d4439e6935099ba8710421bb8811c295a0ca65c24
13feb921e15c29aab13dea66d7cb0cd0fa6936ab98f611c84e93b177abcbf368
1ac93af9248b020cb22e35000f4851493fbee3a84ef5328dc0a701ca467b71f8
1c7d8fad3d9b303f610f49f666dbc4489d4531cd8df1e07e14def667820b97b2
1e7b0c4a198920fb9c1d479e4b6048cbec1ceaf60a8240130fc4de10645b19ec
2080747a81d8626bd33c276de5db76389db9075e6415aadd41f88fcf55a45010
20f4438ae15593e245e9de0dcaf04c41937867e5e0fc01f969f8082147d81a8a
21a025608011dacef8150bb8181241e5dab9eb605e71d978643e4547e0c83bbe
223729c890d7096dd1891deb3f7c74f6fa8c0e2df44f65375b45cdb516279d02
22a4bd890f9baee6bad75bffc745612ed5a5d37a329c1249b93cf60d086d4e6b
2403f6e15ed786392121ee6929cd4f05d37ef0ef3003a1e81d27c91c0a0997e2
2583363ae215d24b30dca9de2d311183309ef362c1fef3cb449cff85bfc4da98
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
320cdb9e509d42926738457c462478c93404defaa504e661d02b999653a72337
3ee8b1f9007f716f2844634e3cdddcacf93ca8eff1b3895ceb66ae650ce08c49
3fe19bea1717385161d1d796662a327d26c6ce7491a2103dce82cfcb491963bb
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
453c139c4da1c955642b48a9ae809119e6f86279fd30073f49f73158acc2a3c0
47792e7c20d5725e45bbd87c416fd18e33d4f76caa3631a9737e8040c2198cf4
4928ecf1ce27b8ecbba06af657f84e374babdef620edfab35861adacf1ee7b58
4c5a2f189f78f2c085cf2ea0c79e791ac765699e6d3099c651217668d370b7d9
4ca5015305bd783617f9629e279eef127ae30c75338c7ca27220eae664d4c2ba
4f830d205be6d2cbbda73080c6b9a2f1847bc0d017c327362461048bea5c981f
54bfc7621a4da3c0a6a72ddce3297612a5b8b4c0b687ca6609cb715bf8e23fc2
554010cb22dee9c2dffeb74c474a077ba51aab59a8f3b815dd378017f6c4e906
565b84baccd51b23a2f1719137d8e4cc7fb1b5754472d425b4310fad91eb8742
584c24060b2eab25a5957e536abc125a4732cb43555eebb12bbbdeae733d55b5
5be5b91d6a04e4896f9c957f3f839e98b6fe73a4a430da1b34d952d7233086d8
5cbe7bbe7d61b58d37a0b666b3fd17b7ab53eb0047bae5837db07036647ea40c
60eadcd6bd4af906533bf34e9769f46c4fd588062e172b25712d1e75c0c534ad
66ffa63d5b51be3df60bce90d273798b68aca77fea5f5626701ea2103b634204
67d46cfc1c7ca06c8c648251a067696258545ca597e6235c2dd7caf880756ce7
698ef839823efe128ae81afaaf84c89c34ea6a51e811fba9bd97d2d0cbcc5189
6a82b0a785e9986785cebae24340cfa131672e6cf305beb29f4b17138d7d87b9
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
6c9b5f6dec3be3973ad154d84622f45be5b086723f88d5015f388031daefb8c1
6fdcb3b79c2a02da57ede7bc3288b01f99684bff0b0d7a9793ede977cb30057f
6ffb34c35f7ac60d1b832f6c43a818f3f230c5889e3afa5e0714ba606b97054d
72d78e19fd23ca10bf2c1143eceddccb6eec634472c7a95e6126310ffa8de723
749db22e67a4d9709235538d077ab4629a0fb15409b9ef6ba44bb4c9a67dd9f5
76a1b6b30efc71f84dbae0b1640f60a55942a817c2bb0a5308a3da6b4a2c889e
77c94b258544d4b6c0ac6239d347a403006783050226aa242070c16cdf8cb881
794a12c24e51cc62a3cc3ee3bec4fe663eed1d5bdf3e76ac2b3265c4169a3a80
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b9b84fc5ef5545f1d5c5ff7af91c1138ec9d7db590f511b6fbbcab7aa014cb2
7cc47a930ba5f5fb594431c37c355ac035089a8132c08ff5a14db7324413f499
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
810453ec31ab168edf81700cbf5571f3e9dbfb20e36afc128abca1a0490c8156
812866e7dc2c7564b1301ad7e84ee398f6730d71f148fc84974df07ade936dde
8142ec603e4c9b88e1e5567932091d8b52f36d0250e9085ad118c3a413a28fa6
82c93d7d923aee9321ce2f750d2e365add1c7206fd06ea757953724ea2999cb8
8535f4c24596b10813bdde488de3e86fda54338f499f822835ec906d45e6e612
864c402103d9d02c793927c68ca1d46ad3f6fe4ef89a6d9a9e22ff5a5c46b349
8a730e7a0d42b7667711738ca812a7a1f99d970bc8d1e4a27fc91d3a3d4ebf27
8e76b4fde746a4c9c9bb9f603e37089a8940054ead40bb02f3679c6bbb40fee6
90011ba26499a314b785d5235571a48d5685c49a6806b0357510f704903504e3
90c0e1f107fb41c9ea8e94d7caad336bf5c9cc6a3c1e4008e1cb8e68cf2768e2
915e3a729aba509de39b031657bb81c4456eda5d7290206b683ed889d61f31b6
92ee3c27255a2dec1fc545cd546a09f0c5332cf27343133f9893aca6808e1092
946d6d11f4f2114879030f349f518c1a20513ed73899ab342deab3d400e11964
96a15590b67fc33d5ff3ec9758bf1dbadb5a2802bd190bb23c33f3c83509c96a
98b7cd3159f27b659b43703a0c394520a4717cce125d5a94958b6bb192d15519
9a723aff3483baa9295d29465b79ebe10c4a55a669b18a8631838a63ba5a572f
9b38973e1b823a5b866b6908f81079864ff964360f61fb0c93fa68cdd4d4bd92
9d523c7a2e486701b9b8ca31c66d6748feb42466aceb730b089fff598a4b3772
a1071b34d35c76149348f1b6ca15284424c3f0ce5584307ea194af0ffbc04281
a176f141daf74229c6be3ab345d2de4e72271cf5496b24b4da799ded0f766bf3
a1e2778c037917370dab92cefec4f6e7ed2beff42d2de4b36c9844d4858a753c
a26e6f456795cd1aeb320d40e3c7ee38a550f6d9c41570154e5613f65ee85bf8
a5d0089f573ae2e4442698991d8685c362e3c48ae39f86db2f5e7421a7be8033
ad4e1a167d8e9f95d237b1f12dfb0a64add386a91e9f98f749eee9939ca2e419
ad908b94154a1a89005bdfe9a580231667a99c7b31822fb9ffe9938d5aaaa8fa
aecfebb58655e1607358f9701c36c07299d6c5d0f619bc78080d073683043d5a
b0f90a0e9f6cb68a44b2b454b2e1437040358ef0a6b5fcd3d9d68d098e657d50
b22ea3f50fdf80497bd39c88f2ec0df8814ae8d9daefd03a0b1205429785feba
b271094bb52976aab8cc6f29792ef87054fdf6508a27d7c34b34a4ef296c5e13
b31dbf5f6a87624b04177ccc61ecc976e21cbf2dd74841bbe3c496437809e92e
b338633d5effc9b60162e2c85859def3711c841f65be8199085b7cb3a327a626
b437fbe47a3715560414106f0bf9f1cfc0d383aa816523dbaa35a9ace4880e30
b50f1beac4e0b89f00f7e069b1a1a285b26a1a0794a5feebe8a80343cebd35f9
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
bf4578da3953a1a036032e10bbe23f7ca7917b7e4e4a66c21ed3b23f4b81ecc1
c1025a50183c93dc7febc3015e7b60351214007846699fea22f28d78ebb7a8c9
c44b191a65523b90761de500a5cbc62ebafde56242c6a0c25ca6782c46a39ac0
c48a8ad8cc2c2452ea1a735efd9147263b4be992c1c03fc73f26186eebb36505
c798ebb4c94b11bf4ff1b33687f2e166f1d453a07858e289582782ec98746717
c7ef3b7ed31a2b56e7a678b412e0a7920a322faebd5a2bad1c233ef32a01ac49
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca939970631bc85e554a8f7c9cb777b40c6419970096c7ba3e14c75db140c83f
cb1b34470c9ce7de324c721a0b80d505bafa298dfe9f8d9e8b681424d9b7c8a1
cc24acea57a0ac09feba8117b2a6d28d16eea056440420387d42b14a82677182
cc7995e2bcfea6fbd2ae9ecc426e1a0bb96bb6682fa85c95509d9688f9ffcea0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33c152dd3dfa030d8f8176bdac86c138bb53e09227ea555409fd3c7aebbc96c
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
d6d5e8dc90556154970ea015a160f0a0a3cbb6fd0809ae9bc98cadb587f1d581
d7cdfbcd2796e4bf663c912976cee23121c9c3138df1aceafc58f46793d5a4dc
d9bae99261b05cc91ca4c998ff073e49274fdca40d68e0d031d383fc71cd663c
dd8058151c75aa3c52c48f46a1a75e64e6039c95aaf692ecbec587a529f8f026
df8a872a6d0a6879c819e6278e4c68c32e4fb4013a5c738993bf89cd7c6bb4e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54ddc28b60fc3d70816fc4f259d5bc8fb8ae4a5e6a2477e01d02ec99bf68b9a
e59f257d6006cee0f92416de1002898852d2de75317700ed3982e383d3d4980e
e65850e54f24c6574377b085a8e7ec5464d1a9c896a1fafd1157a0ce1ba3350c
e744319defab14a5c566e2e097d29094fc981bbf793986c21720f37e898a6f78
eb0f015fe8cb70f0628bb729d910c75df5a87f205381c99b7c169a66bacd791e
ef47a315f1996afe7c82f9d20c4ca356baa0ce9fb37723e87ac3eabb8b57fca0
f4fbbe001cca3eb9d5c4b82f43fc5da92dea743a74af8e5831bba0292126c127
f5e3196b15bafe0b2b427099e25264fa0a00e09e5104ac71ef4f34f8dfc4765b
f653596799d322d1bb1e49f31b3cb803f10f05c5822d70cc196d7af25af08d55
f7a4c19c44f0b2123505690ec21bc7b9a59ba055bd49896b5be13930ee346eda
f96ce3f2a157f3f4a3ed55f86e3d6f0564483d923819b61e2038a2256a9dded7
fa04523aed1b774f995a4fc429facfba2871871e7ab50193bbb59ca9030f29a3
fba82461a382def021d9cb7167d6c175ba7d9c43eced2f56c38676ead5a35108
fc4ab3e7723a38464750cdc759a48ef1895c621d265a9641b46cec8599694e55
fdaa1c743202d0cde9a6d08632fe583db448ae8d9d991a42ac9cf91c5bc1254b
ff8aedabb741fd7c17348bcfa846f2acabd6ccfdac358e2644820d940f61fea4

www.telegramtoto.com Open in urlscan Pro 154.92.239.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

54 %HTTPS

0 %IPv6

12 Domains

20 Subdomains

18 IPs

4 Countries

2765 kBTransfer

4829 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.telegramtoto.com Open in urlscan Pro
154.92.239.252 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

54 %
HTTPS

0 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

2765 kB
Transfer

4829 kB
Size

4
Cookies

137 HTTP transactions
1 data transactions