www.gfkaqs.xyz Open in urlscan Pro
172.67.202.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://northfitnesssport.com/
Effective URL:
https://www.gfkaqs.xyz/
Submission: On December 04 via api (December 4th 2023, 1:20:31 pm UTC) from US — Scanned from US

Summary HTTP 118 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 118 HTTP transactions. The main IP is 172.67.202.245, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gfkaqs.xyz.
TLS certificate: Issued by E1 on November 10th 2023. Valid for: 3 months.

This is the only time www.gfkaqs.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	154.209.53.17 154.209.53.17	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
4	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
1	182.61.201.92 182.61.201.92	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	103.186.109.236 103.186.109.236	58543 (CHINATELE...) (CHINATELECOM-GUANGDONG-IDC Guangdong)
1	52.219.164.162 52.219.164.162	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3033::ac43:8b48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c19::66	15169 (GOOGLE) (GOOGLE)
58	172.67.202.245 172.67.202.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.4.13 18.238.4.13	16509 (AMAZON-02) (AMAZON-02)
2	76.223.60.10 76.223.60.10	16509 (AMAZON-02) (AMAZON-02)
1	104.21.70.95 104.21.70.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.60.62.140 45.60.62.140	19551 (INCAPSULA) (INCAPSULA)
7	209.146.43.44 209.146.43.44	174 (COGENT-174) (COGENT-174)
118	14

25 154.209.53.17 (Hong Kong)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

northfitnesssport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.201.92 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

ziyuan.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.186.109.236 (China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)

www.zhuti.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.164.162 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

supersportskick.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:8b48 (United States)

ASN13335 (CLOUDFLARENET, US)

stepzeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c19::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 172.67.202.245 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gfkaqs.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-13.phl51.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.60.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: a46a250059e296ddb.awsglobalaccelerator.com

api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.70.95 (None, )

ASN13335 (CLOUDFLARENET, US)

thaicdn.gssdrf.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.62.140 (United States)

ASN19551 (INCAPSULA, US)

thaicdn.iuerk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.146.43.44 (United States)

ASN174 (COGENT-174, US)

img.zhenqinghua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	gfkaqs.xyz www.gfkaqs.xyz	7 MB
25	northfitnesssport.com northfitnesssport.com	1 MB
7	zhenqinghua.com img.zhenqinghua.com — Cisco Umbrella Rank: 205636	588 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	stepzeed.com stepzeed.com	147 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	320 KB
2	fpjs.io api.fpjs.io — Cisco Umbrella Rank: 24041	1 KB
2	zhuti.net.cn www.zhuti.net.cn	26 KB
1	iuerk.xyz thaicdn.iuerk.xyz
1	gssdrf.xyz thaicdn.gssdrf.xyz	3 KB
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 16351	43 KB
1	amazonaws.com supersportskick.s3.ap-southeast-1.amazonaws.com
1	baidu.com ziyuan.baidu.com — Cisco Umbrella Rank: 459652
0	matichon.co.th Failed www.matichon.co.th Failed
118	14

	Domain	Requested by
58	www.gfkaqs.xyz	northfitnesssport.com www.gfkaqs.xyz
25	northfitnesssport.com	northfitnesssport.com
7	img.zhenqinghua.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	stepzeed.com	northfitnesssport.com
4	www.googletagmanager.com	northfitnesssport.com www.gfkaqs.xyz www.googletagmanager.com
2	api.fpjs.io	fpnpmcdn.net
2	www.zhuti.net.cn	northfitnesssport.com
1	thaicdn.iuerk.xyz
1	thaicdn.gssdrf.xyz
1	fpnpmcdn.net	www.gfkaqs.xyz
1	supersportskick.s3.ap-southeast-1.amazonaws.com	northfitnesssport.com
1	ziyuan.baidu.com	northfitnesssport.com
0	www.matichon.co.th Failed	northfitnesssport.com
118	14

This site contains links to these domains. Also see Links.

Domain
dl.softmgr.qq.com
dlie.sogoucdn.com
download.mozilla.org
lin.ee

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
zhuti.net.cn R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-25`	a year	crt.sh
stepzeed.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
gfkaqs.xyz E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
api.fpjs.io Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
gssdrf.xyz E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.awu3e.xyz R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
dl.changxingwnet.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gfkaqs.xyz/
Frame ID: A6C7C3C5566413505D309F587833124F
Requests: 148 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ruled8

Page URL History Show full URLs

http://northfitnesssport.com/ Page URL
https://www.gfkaqs.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

75 %
HTTPS

23 %
IPv6

14
Domains

14
Subdomains

14
IPs

5
Countries

9618 kB
Transfer

14550 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://dl.softmgr.qq.com/original/Browser/73.0.3683.86_chrome_installer.exe
Title: google chrome

Search URL Search Domain Scan URL

URL: https://dlie.sogoucdn.com/se/sogou_explorer_8.5_0423.exe
Title: sogou browser

Search URL Search Domain Scan URL

URL: https://download.mozilla.org/?product=firefox-stub&os=win&lang=th
Title: Firefox browser

Search URL Search Domain Scan URL

URL: https://lin.ee/ac1N7a5
Title: Consult now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://northfitnesssport.com/ Page URL
https://www.gfkaqs.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

118 HTTP transactions
30 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
northfitnesssport.com/ 80 KB
14 KB 837ms
415ms Document
text/html 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

dd5efd6a06852c6e9845fd6295fc3b14cc1fe27684fbc649155206e3fce52852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 13:20:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
northfitnesssport.com/template/news/baike009/th-skin/css/ 385 KB
67 KB 249ms
248ms Stylesheet
text/css 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

1ba4fcb66f37462dc808ac4043427f2e8702954e204939183ec2376187aad6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 05:29:50 GMT
Server: nginx
ETag: W/"64cc8cce-602e2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK jquery.min.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 89 KB
35 KB 493ms
249ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/jquery.min.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

99564a929c901621d6f9a0bd189639172aa1906d065edfc83b9acf2e6d5d12e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 17:11:40 GMT
Server: nginx
ETag: W/"64c7eb4c-16311"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK zblogphp.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 7 KB
3 KB 489ms
245ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/zblogphp.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 17:11:42 GMT
Server: nginx
ETag: W/"64c7eb4e-1c24"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK c_html_js_add.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 4 KB
2 KB 490ms
245ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/c_html_js_add.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

b54c4bd96e4991d236f7b4776f31cace5f3d479c0cbe75f811e7c1082f50ff5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 05:29:50 GMT
Server: nginx
ETag: W/"64cc8cce-11b5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK style_1.css
northfitnesssport.com/template/news/baike009/th-skin/css/ 17 KB
4 KB 484ms
247ms Stylesheet
text/css 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/css/style_1.css

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

cba564b2110438cb9e3325c5f934819625adf3393a922d0333dcbf78eeab9522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 17:11:40 GMT
Server: nginx
ETag: W/"64c7eb4c-43c2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK 4c4kvyfyuhqlrmpaxccobofdedqlrfza4c4khyfyxeqoboeu4c4lsihaxcnobofn4c4kkihaxgboboff4c4ic.png
northfitnesssport.com/images/logo/ 0
286 B 581ms
334ms Image
text/html 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/images/logo/4c4kvyfyuhqlrmpaxccobofdedqlrfza4c4khyfyxeqoboeu4c4lsihaxcnobofn4c4kkihaxgboboff4c4ic.png?w=180

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 138ms
67ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JVB9KQ5X28

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

924036d97568844a881bd31cb945cb7dccc4198f7979d886a2b15aa3ed268114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 13:20:18 GMT

GET
H/1.1 200
OK script.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 31 KB
11 KB 247ms
246ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/script.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

84497161102bcf8dd0c4ed70ece7f81997d310aa279a2760cace4896f8a41844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 17:11:42 GMT
Server: nginx
ETag: W/"64c7eb4e-7a62"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:15 GMT

GET
H/1.1 200
OK close.png
northfitnesssport.com/template/news/baike009/th-skin/picture/ 1 KB
2 KB 249ms
248ms Image
image/png 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/picture/close.png

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

890f7a2dad2c3a64cac10c49053b0193055639b6694a089d1601cb703014991c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:15 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 31 Jul 2023 17:11:42 GMT
Server: nginx
ETag: "64c7eb4e-5a0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1440
Expires: Wed, 03 Jan 2024 13:20:15 GMT

GET
H/1.1 200
OK wechat.svg
northfitnesssport.com/template/news/baike009/th-skin/picture/ 4 KB
4 KB 253ms
253ms Image
image/svg+xml 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/picture/wechat.svg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

8418a8301bd25c7f8014559861fbb63d086be5197517e22912355b60b12cae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:16 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 31 Jul 2023 17:11:40 GMT
Server: nginx
ETag: "64c7eb4c-1025"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4133

GET
H/1.1 200
OK alipay.svg
northfitnesssport.com/template/news/baike009/th-skin/picture/ 3 KB
3 KB 248ms
248ms Image
image/svg+xml 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/picture/alipay.svg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

a1fbf298ab4249b1a9ac37952802b74185e2de270766331fbc109566294014be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:16 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 31 Jul 2023 17:11:40 GMT
Server: nginx
ETag: "64c7eb4c-b0c"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2828

GET
H/1.1 200
OK theme.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 93 KB
28 KB 247ms
247ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/theme.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

14d093d94978be4384debb072fb608a0c82d014ebde1f8cedc2947c4eb0135f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:16 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 05:37:00 GMT
Server: nginx
ETag: W/"64cc8e7c-17345"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:16 GMT

GET
H/1.1 200
OK customer.js Show response
northfitnesssport.com/template/news/baike009/th-skin/js/ 7 KB
3 KB 248ms
248ms Script
application/javascript 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/js/customer.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

52b8e2d10d909ef6cf22a3ce5214609e2a599c60fbdca1f0ab93b4acfcb3720f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:16 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 05:00:22 GMT
Server: nginx
ETag: W/"64cc85e6-1b55"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 05 Dec 2023 01:20:16 GMT

GET
H/1.1 404
Not Found image.gif
ziyuan.baidu.com/ 0
0 2018ms
369ms Image
text/html 182.61.201.92
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ziyuan.baidu.com/image.gif
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 182.61.201.92 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 prism.js Show response
www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/ 60 KB
25 KB 2288ms
510ms Script
application/javascript 103.186.109.236
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/prism.js

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/js/c_html_js_add.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.186.109.236 , China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),

Reverse DNS

Software

nginx /

Resource Hash

5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://northfitnesssport.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 04 Dec 2023 13:20:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 07:53:38 GMT
server: nginx
etag: W/"6423ee82-eecb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 05 Dec 2023 01:20:17 GMT

GET
H2 200 prism.css
www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/ 4 KB
2 KB 2024ms
248ms Stylesheet
text/css 103.186.109.236
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/prism.css

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/js/c_html_js_add.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.186.109.236 , China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),

Reverse DNS

Software

nginx /

Resource Hash

e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 07:53:38 GMT
server: nginx
etag: W/"6423ee82-1039"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 05 Dec 2023 01:20:17 GMT

GET
H/1.1 200
OK images.jpg
northfitnesssport.com/pic/ 10 KB
10 KB 250ms
249ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/images.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

5d0741a39741431fae5c67a0adc87e2bd3a343a512c84bf596518e3aa697a3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Oct 2023 06:02:17 GMT
Server: nginx
ETag: "65409869-26cb"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9931
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK istockphoto-890702334-1024x1024.jpg
northfitnesssport.com/pic/ 139 KB
139 KB 251ms
250ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/istockphoto-890702334-1024x1024.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 02 Nov 2023 07:01:10 GMT
Server: nginx
ETag: "65434936-22b49"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142153
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK 309975902_10160732955404974_2342002449519368020_n-1.jpg
northfitnesssport.com/pic/ 106 KB
106 KB 248ms
248ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/309975902_10160732955404974_2342002449519368020_n-1.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Oct 2023 05:38:56 GMT
Server: nginx
ETag: "654092f0-1a67f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108159
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK b5b05c60-e2ff-4084-9c72-18c22c7b27d6.jpg
northfitnesssport.com/pic/ 265 KB
265 KB 249ms
248ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/b5b05c60-e2ff-4084-9c72-18c22c7b27d6.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 02 Nov 2023 07:06:19 GMT
Server: nginx
ETag: "65434a6b-422e5"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271077
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK imt5UcQtwNg2CNWAuQqA.jpg
northfitnesssport.com/pic/ 207 KB
207 KB 248ms
248ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/imt5UcQtwNg2CNWAuQqA.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Oct 2023 05:47:47 GMT
Server: nginx
ETag: "65409503-33a8d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 211597
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK unnamed.png
northfitnesssport.com/pic/ 47 KB
48 KB 248ms
247ms Image
image/png 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/unnamed.png

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:18 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Oct 2023 05:42:40 GMT
Server: nginx
ETag: "654093d0-bd9d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48541
Expires: Wed, 03 Jan 2024 13:20:18 GMT

GET
H/1.1 200
OK %E0%B8%9B%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87-supersportskick.jpg
supersportskick.s3.ap-southeast-1.amazonaws.com/2023/11/%E0%B8%9B%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87/ 68 KB
0 974ms
321ms Image
image/jpeg 52.219.164.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://supersportskick.s3.ap-southeast-1.amazonaws.com/2023/11/%E0%B8%9B%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87/%E0%B8%9B%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87-supersportskick.jpg
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.164.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:20 GMT
Last-Modified: Sat, 04 Nov 2023 06:40:34 GMT
Server: AmazonS3
x-amz-request-id: PD82Y03DKSBWVHFY
ETag: "855866e73bcfa501382e6139707d43b2"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1143068
x-amz-id-2: DSj4BVj3xEkCwV2BGz88+gOlwNBQlapNpHzu3R4T5M2b7P8bdDhJyviM5m/+1k1ugyJKD8Cv1ZE=

GET
H2 200 football-PhY1cm7kGH.jpg
stepzeed.com/picture/ 31 KB
31 KB 311ms
132ms Image
image/jpeg 2606:4700:3033::ac43:8b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stepzeed.com/picture/football-PhY1cm7kGH.jpg
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48e2f4745beb447ec59900202da3cab6684af0b9daa3631dfeac57166358698

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:18 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Mar 2020 05:48:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e6dc1a5-7bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhDwqrZXpsN5%2F9MFzBpES0RF1JIsiE3%2FYYsN38vBjnc6Krp5XyE5jGITLzdq1izIOmoHm2t1dgTkdGdSQO2P8fY6vCv6XIh9icBwSYRLk4HREbY44g3LvrUPIxotMK0PNopxqcvUU39nxNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830458960e104bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 31731

GET
H2 200 football-DwLo5sfWOw.jpg
stepzeed.com/picture/ 32 KB
33 KB 265ms
142ms Image
image/jpeg 2606:4700:3033::ac43:8b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stepzeed.com/picture/football-DwLo5sfWOw.jpg
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ee0335577160abed158601afd142953d5d5a7003c090afc82a0543f4b7cec0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:18 GMT
cf-cache-status: MISS
last-modified: Sun, 26 Apr 2020 06:23:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ea528d8-8131"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODEN%2B3Mj8o3y6XDbbXX2KMGD9s2tqGUr5UikBQ465XSYQHQLN2Xg%2BhLtFRmsHwOekaukx%2FHhjAvAvkF4mIY2K8bAbiG8IOsI4och6b3ljJOJgTapLCVnwNOtuiRyDRPuYcrJYL3K8Oz5IfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830458960e0f4bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 33073

GET 2023-11-05T221015Z_726985025_UP1EJB51PL27C_RTRMADP_3_SOCCER-SPAIN-MAD-RAY-728x520.jpg
www.matichon.co.th/wp-content/uploads/2023/11/ 0
0

GET S__183574533.jpg
northfitnesssport.com/pic/ 0
0

GET 2023-10-21T180545Z_1653826997_UP1EJAL1E9J9B_RTRMADP_3_SOCCER-ITALY-TOR-INT-REPORT1-728x520.jpg
www.matichon.co.th/wp-content/uploads/2023/10/ 0
0

GET
H2 200 football-lX2EV6vRMO.jpg
stepzeed.com/picture/ 22 KB
23 KB 295ms
175ms Image
image/jpeg 2606:4700:3033::ac43:8b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stepzeed.com/picture/football-lX2EV6vRMO.jpg
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f7f719c5116382bb1df2e95ed86098299b38527249f8210af3be3c97d67665

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:18 GMT
cf-cache-status: MISS
last-modified: Thu, 05 Mar 2020 05:44:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e6091d9-591f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phw9myED5JfAegOsvTrLio9gOMJ75wb0RF04L%2FwIBgt5ShU0LnndQzins%2BLzPDbGgVKeRSrm2wnC%2Br4mNuE9SqI20lQ9dzXqVc137RW%2Fei7Fv1RZ73h8K4pfYZA1F2m%2BEilZnMn%2FnM46I1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830458960e114bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 22815

GET
H2 200 football-jhC6mXnqFE.jpg
stepzeed.com/picture/ 60 KB
61 KB 297ms
176ms Image
image/jpeg 2606:4700:3033::ac43:8b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stepzeed.com/picture/football-jhC6mXnqFE.jpg
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8982a0a7a70260e1e1812ded0d5f6fe6c7a73b7e26a308aa846f844e093ff2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:19 GMT
cf-cache-status: MISS
last-modified: Sat, 25 Apr 2020 03:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ea3b3c7-f0e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQHu8DsiXv%2BCVSNQvbP7KFwFPeTlzS4llIW%2FZAgrERNiLmcQS3HZDw6wjSm8LwqVAaTh4pYgPE2rU3IH8Bq9DTkx%2BLOaYAOMVaJKBjxkrWIEnnQrxmZvDDfC0AOOOxGl59L%2BDXRo4%2FRnsdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830458960e124bc7-BUF
alt-svc: h3=":443"; ma=86400
content-length: 61671

GET 2023-10-05T195253Z_1055483544_UP1EJA51J8228_RTRMADP_3_SOCCER-EUROPA-HAI-PAN-REPORT-728x520.jpg
www.matichon.co.th/wp-content/uploads/2023/10/ 0
0

GET
H/1.1 200
OK close.svg
northfitnesssport.com/template/news/baike009/th-skin/fonts/ 3 KB
3 KB 1183ms
253ms Image
image/svg+xml 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/fonts/close.svg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:19 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 04 Aug 2023 05:18:38 GMT
Server: nginx
ETag: "64cc8a2e-b55"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2901

GET
H/1.1 200
OK harmonyos_sans_sc_medium.subset.woff2
northfitnesssport.com/template/news/baike009/th-skin/fonts/ 445 KB
0 485ms
247ms Font
font/woff2 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/fonts/harmonyos_sans_sc_medium.subset.woff2

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css
Origin: http://northfitnesssport.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:19 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 31 Jul 2023 17:11:42 GMT
Server: nginx
ETag: "64c7eb4e-dd6e8"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 906984

GET
H/1.1 200
OK font-woff2.woff2
northfitnesssport.com/template/news/baike009/th-skin/fonts/ 7 KB
7 KB 976ms
248ms Font
font/woff2 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/fonts/font-woff2.woff2

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css
Origin: http://northfitnesssport.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:19 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 31 Jul 2023 17:11:42 GMT
Server: nginx
ETag: "64c7eb4e-1c90"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7312

GET
H/1.1 200
OK FjallaOne-Regular.ttf
northfitnesssport.com/template/news/baike009/th-skin/font/ 39 KB
12 KB 1360ms
397ms Font
text/html 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

http://northfitnesssport.com/template/news/baike009/th-skin/font/FjallaOne-Regular.ttf

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://northfitnesssport.com/template/news/baike009/th-skin/css/style.css
Origin: http://northfitnesssport.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:19 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK VnGv17WtmNR8fpZ9cdZs.jpg
northfitnesssport.com/pic/ 127 KB
127 KB 1285ms
244ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/VnGv17WtmNR8fpZ9cdZs.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:20 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Oct 2023 06:01:32 GMT
Server: nginx
ETag: "6540983c-1fa68"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129640
Expires: Wed, 03 Jan 2024 13:20:20 GMT

GET
H/1.1 200
OK body5-1.jpg
northfitnesssport.com/pic/ 119 KB
0 1285ms
245ms Image
image/jpeg 154.209.53.17
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://northfitnesssport.com/pic/body5-1.jpg

Requested by

Host: northfitnesssport.com
URL: http://northfitnesssport.com/

Protocol

HTTP/1.1

Server

154.209.53.17 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 13:20:20 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 02 Nov 2023 06:40:47 GMT
Server: nginx
ETag: "6543446f-10aa2a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1092138
Expires: Wed, 03 Jan 2024 13:20:20 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
248 B 118ms
44ms Ping
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JVB9KQ5X28&gtm=45je3bt0v9169962751&_p=1701696018676&gcd=11l1l1l1l1&dma=0&cid=1046219052.1701696019&ul=en-us&sr=1600x1200&_s=1&sid=1701696018&sct=1&seg=0&dl=http%3A%2F%2Fnorthfitnesssport.com%2F&dt=slot%20%E0%B9%81%E0%B8%95%E0%B8%81%20%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A1%E0%B8%B5%20%E0%B8%82%E0%B8%B1%E0%B9%89%E0%B8%99%20%E0%B8%95%E0%B9%88%E0%B9%8D%E0%B8%B2%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9F%E0%B8%B8%E0%B8%95%E0%B8%9A%E0%B8%AD%E0%B8%A5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4565
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JVB9KQ5X28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://northfitnesssport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 13:20:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://northfitnesssport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request / Show response
www.gfkaqs.xyz/ 17 KB
12 KB 782ms
703ms Document
text/html 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/
Requested by: Host: northfitnesssport.com
URL: http://northfitnesssport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 898e89757fdc3ac35768e8194e3137b4931fa1d4c5f13084c216a9e7546f476f

Request headers

Referer: http://northfitnesssport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 83045899f9a136b7-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 13:20:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su8MCO2fzyRl6i1ZHscuhXmfMZ52TC0nEHayglr9iN1y1pOVGPV1mU%2BJXkddaS0HWjCRp2aPxvKkbxEkgoAJIWhpgfWJjo9A3thj0I3Th2SD6Vy%2BBpZRBHLPYdDgQP5JUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.33
x-ratelimit-limit: 300
x-ratelimit-remaining: 299

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 langjs Show response
www.gfkaqs.xyz/ 267 KB
74 KB 416ms
409ms Script
application/javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/langjs
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 18083b6c1e1893d11f9d0beee5f7bfd90f074dd911480d6ebc3eafd633d58209

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: "4c5e46809ecb63f6fcdea369f9200a7123f90d4d"
x-ratelimit-remaining: 299
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
content-type: application/javascript; charset=utf-8
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Uk2q65hZVBitkk9BkT2uF8bVOoxZ2gMDcMeGLi%2Fs%2FJc5XT4391XUvprbr96go4zPTqekDx4yPkRM5%2F237X8jWcy8W8AMayMdEZzfwXfGmfm2xCQyG%2BH4o5l0eZfK1Hgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization, Set-Cookie
cache-control: public, max-age=3600, s-maxage=120, stale-while-revalidate=3600, stale-if-error=3600, no-transform, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
cf-ray: 8304589f3f7636b7-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 60ms
54ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-216184968-1

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e9d603924ce0c93e95dbdd4972cf12cb42abea0bf1b8236100706296d995a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 13:20:20 GMT

GET
H2 200 0.9c2f962e345395fdf66f.css
www.gfkaqs.xyz/webx/thai/desktop/styles/ 9 KB
2 KB 40ms
34ms Stylesheet
text/css 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/styles/0.9c2f962e345395fdf66f.css?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4913
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:58 GMT
server: cloudflare
etag: W/"654a7b1e-2421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF%2B%2FbDRDDhZpZ43ZzIKNPBCFlOzJMy4v6rxkqyt6S2M4yhl5Ymda55BY%2BJP459hmodnew3f9xQuMuZcymf%2BI4K0GKxM6CnBw0a8xgKYgfbv%2FxYf6Q5umiBR3ZZT7DskEQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 8304589f3f7436b7-YYZ
expires: Thu, 07 Dec 2023 04:02:42 GMT

GET
H2 200 index.9c2f.css
www.gfkaqs.xyz/webx/thai/desktop/styles/ 1 MB
196 KB 48ms
42ms Stylesheet
text/css 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a24ccdf94012cd228d284feffbf26985d02c97bc65982361884e2eb41cfa06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:58 GMT
server: cloudflare
etag: W/"654a7b1e-15125c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15OeDCSasyCqW53T17T2A2lQmPu%2FLW1BjX3wX%2BD9gunZxfkjRFm8JsylGm3ZSEbsc2MJh45dGAaWpukqiP%2FQPB%2BjeYlYaCMcxXyJPfbAmrbbH20AQzFkLWzoUbLtnkXxiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 8304589f3f7536b7-YYZ
expires: Sun, 10 Dec 2023 05:14:40 GMT

GET
H2 200 chunk.vendor.447e.js Show response
www.gfkaqs.xyz/webx/thai/desktop/javascript/ 766 KB
236 KB 77ms
72ms Script
application/x-javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48cfe55e60f4bfed580a0384f7aff9b58fd6431c46ae17793de704348c5433e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45815
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:57 GMT
server: cloudflare
etag: W/"654a7b1d-bf60a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM6qthcY81zSJOWE%2Bbrv%2F3SVzmroOAdYubc%2B6ruHvyPHaUENUfFYcbYl%2FCQ8VTBxW7ITVDhZGrt1bVjFepdVX443bvDpXa2suQRqp3z4SzJc3%2FBJHGyw9WMCbPu1klc8Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 8304589f3f7936b7-YYZ
expires: Wed, 06 Dec 2023 02:34:04 GMT

GET
H2 200 base.9c2f.js Show response
www.gfkaqs.xyz/webx/thai/desktop/javascript/ 10 KB
4 KB 45ms
39ms Script
application/x-javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/javascript/base.9c2f.js?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef3126465166728369e668d99516a95e58e6f9cee7e6967cdad2c187490a75d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4913
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:57 GMT
server: cloudflare
etag: W/"654a7b1d-26b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yv2SyzZJDKSJMhyxBacLya77D1FJMbiJYGnJwsRnWbO8MCqqj%2BHWZmyrLpMIaPY1cjCYM1btiWB3dZQGW7C5EnzPZn9AXVM0VZxyD35%2Fq3xzIo5FW1mPeUhH9fG5N9k2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 8304589f3f7b36b7-YYZ
expires: Wed, 06 Dec 2023 02:34:04 GMT

GET
H2 200 bootstrap.9c2f.js Show response
www.gfkaqs.xyz/webx/thai/desktop/javascript/ 9 KB
4 KB 41ms
36ms Script
application/x-javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/javascript/bootstrap.9c2f.js?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9081a1b133ff7e4431abe889822ce12bbe6a795c9148c5aa39c20ee9be344fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4913
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:57 GMT
server: cloudflare
etag: W/"654a7b1d-25ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay9jqgg6YP4pdiAH0b%2FP6EiIr9v0NLENzMkli25cb9o7myZYEfuXWECZwpDVltho6v91CSzFa0VrVeBAUCmSTQ4zIKBzncvw6ZsCMCpT%2BQQzzixv7l7ukg0Ig03px7IRnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 8304589f3f7c36b7-YYZ
expires: Sun, 10 Dec 2023 05:14:40 GMT

GET
H2 200 index.9c2f.js Show response
www.gfkaqs.xyz/webx/thai/desktop/javascript/ 982 KB
246 KB 73ms
72ms Script
application/x-javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/javascript/index.9c2f.js?v=23.09.07.97572

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b8bacb41b0c1812dda29921c2d28b783592932f731a7b8be9eb557d87926d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4913
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 07 Nov 2023 17:59:57 GMT
server: cloudflare
etag: W/"654a7b1d-f5711"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIM2E2ipmPNctp73Nm7V%2BzpXLE3VS7xPkzWl2vf%2FR8XrvyOaIlAwrPFjSli6OvG16Iq7lOQUaxzk0gDGzfV9nNLtBDvx6LnTE8Losku%2F1Sm0jEarYFiUjSVnlZC18rBD%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 8304589f3f7f36b7-YYZ
expires: Wed, 06 Dec 2023 00:26:52 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0051913dbf93613c3474174f5f0c83d395cc532e2d070d998d8faecf0f9f487

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 132ms
111ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BMFBXX9PVL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216184968-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f544d00cdddbeb889ed4b9229e2398b0b3c4cbd7918e80883ba748e73e9885b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 13:20:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 130ms
109ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-13DBJW3C0C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216184968-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e4afbfdb60c314664d574f35479249762348e140d286f52ec3c1f92a3843778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 13:20:21 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 51ms
36ms Script
text/javascript 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-216184968-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 13:01:01 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1160
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 15:01:01 GMT

GET
H3 200 / Show response
www.gfkaqs.xyz/api/settings/ 4 KB
2 KB 704ms
703ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/settings/?fields=
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 84972bf81dc3e4c07bed4655606cbc9202daf156e7772d77aa34f046cc412800

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.077
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45B3wcWfQcySiqk6RThDLIYC6RuG9k%2Btg7%2BacL97f8Iy910afeJ38t6huaR6tJoQYbFNu4nCG3ewNZ0iew%2B895Hycejdz40FXhZwxmvD9nxVRcB4HMdbEXFHVgLHh4PW1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458a6a89d548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 recommend Show response
www.gfkaqs.xyz/api/ads/ 69 B
700 B 754ms
753ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/ads/recommend
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: b13e5b68614541ae67b4b12733ca77cf5b94b0b887c08820c470bc46bffef14f

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.090
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsnEW64imXMGvEPRqVAPDHYDVNoqNH1UvkHX6B3bBbAPv4V97G8rgtEfGlxnHg393BRtiUKO7nxBDwVUK2dw%2BPfZpwtsCieUiInU3G0l%2Bdtm4f4ykzeY7bORsxzI7znvQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458a6b8a4548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H2 200 loader_v3.8.5.js Show response
fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/ 128 KB
43 KB 338ms
42ms Script
text/javascript 18.238.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-13.phl51.r.cloudfront.net

Software

CloudFront /

Resource Hash

93f83570bda95caee88501257d0187235320b0b74ada5dc2d5c31058fc5e2dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 21:40:37 GMT
via: 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 488384
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"1H3IOnH600MgJpWjgZ6bOKrpoRk"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3665, s-maxage=582094
timing-allow-origin: *
x-amz-cf-id: hc-ad_waQ8Uv1hJxi6hFIIyzx8TV94JSUF0vzgDjfK95d5SP5QbHuA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
42ms XHR
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1042277622&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gfkaqs.xyz%2F&dr=http%3A%2F%2Fnorthfitnesssport.com%2F&ul=en-us&de=UTF-8&dt=ruled8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=266637490&gjid=1095025377&cid=755955087.1701696022&tid=UA-216184968-1&_gid=1746201588.1701696022&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1710782792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gfkaqs.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 13:20:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfkaqs.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 52ms
52ms Ping
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-13DBJW3C0C&gtm=45je3bt0v9109910463&_p=1701696021132&gcd=11l1l1l1l1&dma=0&cid=755955087.1701696022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701696021&sct=1&seg=0&dl=https%3A%2F%2Fwww.gfkaqs.xyz%2F&dr=http%3A%2F%2Fnorthfitnesssport.com%2F&dt=ruled8&en=page_view&_fv=1&_ss=1&tfd=2294
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13DBJW3C0C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 13:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfkaqs.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BMFBXX9PVL&gtm=45je3bt0v878597460&_p=1701696021132&gcd=11l1l1l1l1&dma=0&cid=755955087.1701696022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701696021&sct=1&seg=0&dl=https%3A%2F%2Fwww.gfkaqs.xyz%2F&dr=http%3A%2F%2Fnorthfitnesssport.com%2F&dt=ruled8&en=page_view&_fv=1&_ss=1&tfd=2308
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BMFBXX9PVL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 13:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfkaqs.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wVl1 Show response
api.fpjs.io/t2ocDa/sudno/ 96 B
464 B 175ms
54ms XHR
text/plain 76.223.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fpjs.io/t2ocDa/sudno/wVl1

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.60.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46a250059e296ddb.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

46bba08477e85e0500aece1bedd9a48f2a6e8e9609cd8d48762c84809a16c9bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H3 200 methods.js Show response
www.gfkaqs.xyz/webx/thai/static/ 335 KB
17 KB 282ms
281ms Script
application/x-javascript 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfkaqs.xyz/webx/thai/static/methods.js?380f400f

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/index.9c2f.js?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e689ded4f00a9d10e94bdb927ea4a8defb5a6ea8da5b41689b02c3e71f5ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:59:08 GMT
server: cloudflare
etag: W/"652e068c-53ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FG6hSmtREdG%2Fe3uhMlqX%2BHbKDeB4DuhiMz%2FteHZ3YouGYcEKxJXQTM2Te9JIwEx8Udmz7M8B1HW0ReNqTZmgMFIwz5zmXZ3l17SI7qvLmFsog0SWKBtrUfbYdXxIvRmuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 830458ab8ce5548b-YYZ
expires: Sat, 09 Dec 2023 00:06:46 GMT

GET
H2 200 qr_code.png
thaicdn.gssdrf.xyz/thai/ 2 KB
3 KB 1113ms
951ms Image
image/png 104.21.70.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thaicdn.gssdrf.xyz/thai/qr_code.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.70.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b631d47da0320afbcf89ee2d832218e92edf73e3847dd828c37768f9602f9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 10:47:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fb7c7-9ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGfyBkv2hLZLv8ZB1aaNUpxGeS5052XHbd15zhZmfCNaXk8%2FW%2FBIKMUWD1siKtGpHMtPwbz%2F7LioAciYg3VoGFyagVJd0RfyKE8IaCY1KE0Hz0mRTFG6VIs8cwSQ6rnojVLt75w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458acca01a22e-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2506
expires: Thu, 07 Dec 2023 23:22:05 GMT

GET
H3 200 312f3a.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 10 KB
11 KB 344ms
340ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/312f3a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe891473d8d6ac3f24c5c3d2a6774cdcbe8ed90628d84140c6bc9257a3049f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10627
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:23 GMT
server: cloudflare
etag: "652e0623-2983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq2hQW0vhVRRyPpUAuvVZ8F5iFbyvS8Qznl%2B4ywQJGtRtfBY9dujkJDtYVIdMJNRmNjD0w4lsAjoKhGnJ2xVTH9wrnNM5BaHn9vUav%2F9YwBa1ICycYn8tYnO0w671xA1Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abcd08548b-YYZ
expires: Thu, 07 Dec 2023 04:52:59 GMT

GET
DATA 200
OK truncated
/ 894 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bfb7c0f7bcde6a3a2b77ce814a65902257e36a0fd18c08958d53a710a5af9b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 73c9a6.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 12 KB
13 KB 307ms
295ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/73c9a6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa56b6e91349e5a4ec23ec116b233aea77368d19e30890a907769322b299d9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12552
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:26 GMT
server: cloudflare
etag: "652e0626-3108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnGwkBobtEWV%2BPN8SGfPdu1yHmt7ny92LuKbK1MUxoSZEg%2F5X7V2Zzv7tVR9QvmPKFbtyYCP4RlFXZSsAZ9k47cXNsAfZ8o1Cj7gvII5gwoTfT%2Bm0cgt7hTfJsoAUnSLtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd13548b-YYZ
expires: Wed, 06 Dec 2023 05:03:21 GMT

GET
DATA 200
OK truncated
/ 815 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fb5a5909e5abe1e91f38cc13e92f9276712460063920838225f941aacb46a7d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 f9b50b.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 13 KB
13 KB 338ms
329ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/f9b50b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3304502c51491ab00ecc7f8bc15e28d22d3a1707dfb2d8fa4e6edfc17736779a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12913
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-3271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEb44QCaodlodTX8xEwDNTuSa1fOz2DYbssLZFQOh9Yihl6TVW5eD3VYGzjFuc1XfdBuBiH7iAbtPJKLJG0UN9UqA9wevydV80O2g8FcP8V9NRgoGRThJqc8dier46YJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd16548b-YYZ
expires: Wed, 06 Dec 2023 23:31:53 GMT

GET
DATA 200
OK truncated
/ 561 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1b34bc91b851016219b349ad6731287edd8a672a397270649ce7e0182bb124c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 630e14.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 11 KB
11 KB 291ms
282ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/630e14.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9088f66a8a5423a4e327b87527edaff838f348a45343bf012c3834397e29fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11018
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:25 GMT
server: cloudflare
etag: "652e0625-2b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJWoLdwlU%2BTlNhOa79tYfHyCnGofHA0amb4sFix2gjmdkPkVcMNXG7bz%2BSsnfiauXpgFYrAY4kDlT18PrDNVEvmjSfiJIOjePCDrUv0By6XyJJSyPoP8Ma7ox3G5DWIQVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd17548b-YYZ
expires: Wed, 06 Dec 2023 05:03:21 GMT

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c79846a535029361b34983a93c7bd2e5826224dad5aa7b9d35a09b38ca04b8a4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 f58eb6.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 13 KB
13 KB 334ms
325ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/f58eb6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e164dfb9bec8ff2337a09bd27a2274e8e43fa6a150c926081ce576fc66b97167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13308
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-33fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxKl8Jy69ojhUKM%2FYD2t8ciQnsugS%2Bi2cA6WKYkvDRwXtNzqPXqkNxce%2FTLH7KYbBeuiFziRVD50vGB%2F3zHBnk9URTbQxpeU%2FaAsc84rVnjeTwJ8r9%2FU8TVVGyifJNl%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd19548b-YYZ
expires: Thu, 07 Dec 2023 04:53:01 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2a332d6aa89b634f4d90cb3af077b1aa112c5e5bb136e2bc3e4a1ae6d597ba7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 532c19.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 11 KB
12 KB 338ms
329ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/532c19.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9d38d67b7b0e69c576f0fa75164e7c938e2b2d32f0eba69e34ad419f4ebc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11424
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:23 GMT
server: cloudflare
etag: "652e0623-2ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2FVI1uJv3J00tJT%2F%2FWh9DHxzRj5DHIFW7n8P69XszKDelDO3B6FnICGaDreHPShh8xwIc86yWiWnQ39vugOHXbyBH9GZyVFpJwMBis85MhIVDNh6wbr5k2l0D5Cc%2FSsIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd1a548b-YYZ
expires: Fri, 08 Dec 2023 22:15:41 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e9c5f1c0a361dc70ffc23bb9441a3c757d6b9ba1c144e4f589a314ad7bd3a81

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7118b3.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 14 KB
14 KB 280ms
274ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/7118b3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

512301e3f8f76756501abdeed83e91bf51c91cfa518525a6185af2d31ae9c704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14256
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:26 GMT
server: cloudflare
etag: "652e0626-37b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ru5mkdntTWfkCwBV%2BKHEsvcPoJSvQMRTGi0DHt2LivdINxm5BP5ZTO0HXXGU3uCUVx6VQNMxo%2Bzw31nCMVl5xofWusp9D7iDCkMvSedfdRIRM7VsldZkQdqeYnZZLaW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd1b548b-YYZ
expires: Tue, 05 Dec 2023 02:19:28 GMT

GET
DATA 200
OK truncated
/ 692 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 903ae51c143c5e81e749f26ccacd27d5e4e508f97952e0d4911556fb731fe3a4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 70781e.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 55 KB
55 KB 354ms
346ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/70781e.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a00ad9ffd47141673d80b0c22c589d7dbe5efbeb5bb3684737a0430151b5b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 56272
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:25 GMT
server: cloudflare
etag: "652e0625-dbd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5ULiy8krgoFiFcJMV50kVOJ87pYsJ%2BaBmaq%2BJb0biuMAJ3C6ZirI5%2F1R7RhCrUNxxW4fYZd3eBnngJrSAhyOPzIsGGgoUm38nngF03LhGzzX1v9PYcrUHq6HXsWiAPAKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd1d548b-YYZ
expires: Thu, 07 Dec 2023 04:53:01 GMT

GET
H3 200 9cabdf.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 11 KB
12 KB 310ms
302ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/9cabdf.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

febd7c6eb7796742b9e031038233f919cc7e6b7ae2b734513c97cbb346f7daa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11366
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:32 GMT
server: cloudflare
etag: "652e062c-2c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8vw7S%2Fq8QTqTgtPtkE2h1bA9bamLALpo5RQ5FUdoSf42tkBTMJMm9KYT22NjM7AHRYFDpvDPf54nhpXzOWZiFRv9qOgdxeV9cLBZUOWxepvYi8w%2F%2Bw%2F%2B5cExZQxVaPN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd1e548b-YYZ
expires: Fri, 08 Dec 2023 09:58:03 GMT

GET
H3 200 9b18b0.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 12 KB
12 KB 335ms
328ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/9b18b0.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3536a5828f4a36892866d326400cc153da7e86199b3277d9313982ca905f695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12285
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:32 GMT
server: cloudflare
etag: "652e062c-2ffd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJot6d6psrvpLPMqP1G1kX8LNJPBOjmVn8v4Cf%2BK9V3Jaa7Pe0EZykPurK7Xr0jm7THcn%2BZDD2m9DvtPVR6LBDJlaVSH%2FUGT9y9Q8MT0Bp5hi7SvqoFNWKtMEGjEHOwFIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd1f548b-YYZ
expires: Thu, 07 Dec 2023 04:53:02 GMT

GET
DATA 200
OK truncated
/ 776 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a972af7e4af512224941b9db0cc59c3a1301820a9489d2d132c2c0336d1f12b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 afdc8a.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 9 KB
10 KB 336ms
328ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/afdc8a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb78f14ef94c36574fef2c68ad4674d9bb6ee7446ccfeac1ce95df99815b0054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9406
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:34 GMT
server: cloudflare
etag: "652e062e-24be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Tstqr3FwEkY9bMMUNR18CwzlAuliyKAQDPGkASTPTlEX0piF2ZbkRgeSkrObvHcKFiiEeyGAlNiRJ5uQJd8DuVJTuK1hfPjG7IeD88F%2F84ormOZ1OPDqcUMNKRRzmJow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd21548b-YYZ
expires: Fri, 08 Dec 2023 09:58:03 GMT

GET
DATA 200
OK truncated
/ 1019 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e8767f47755b786ba33a8a5edb441065bd14711365ffffcc61811028bfee1d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 972598.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 9 KB
9 KB 331ms
324ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/972598.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7b4f8bf9362cf56e8730fe72912e821ecab67d0e375b6941a7cb07aab9ecfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9169
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:30 GMT
server: cloudflare
etag: "652e062a-23d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f%2FWV7DqMYXYjx8PX49Esla%2FKKcqrbKofPrsrFLR%2BN0QBq79BqX0no5q%2BKwQ2oE1KoK1FwqLzUDp%2FwxSgQyi8TjwvkPgWVubgP95Bu76sk%2FULIkv6p6%2Bw93r%2FpBWFVQBrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd22548b-YYZ
expires: Tue, 05 Dec 2023 23:51:57 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ae76b043d8bec80721516f45acde1261b4c4d0a87e81202072e5c1bdc45e2c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ed2d04.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 61 KB
61 KB 347ms
341ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/ed2d04.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e44ed193bbeb101dad5f8cf7cfb37c22278c018b0125ee005680fbd0a62c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 62287
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-f34f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnSTBYKT2rX0kPNoxrD%2FF7f%2Fz48tcfmPznSNVWb8Hp6Q8hAPgcqAcUL%2FLpZsxW3G8x%2F1WlDgL8ToaDVeMlCe7GkkRBpGet1C1hjPkqhlIKv151OnAza6RslxlMkTJsS7wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd23548b-YYZ
expires: Thu, 07 Dec 2023 04:53:02 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5982787564cca0095afcdd77636631d8a60098cf44b9187d9a9250287828fafa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 a00b7c.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 12 KB
13 KB 323ms
316ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/a00b7c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d81caf518ff0554ec211e33c639f908942c46ae57bb117e9733fa6937b514b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12554
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:32 GMT
server: cloudflare
etag: "652e062c-310a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ORd6nTFTMPc6OBR%2BaTcq0LAT8lcAUpvj4Xjw3nxoGXAqC9goeNu63qEYJ7yXkmiEJpLJY3gjPwvq7XGrma7xtgny5%2FEtkpiny506PRfto5ylRpyiy7OdVFIvSJiELF4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd24548b-YYZ
expires: Tue, 05 Dec 2023 21:42:59 GMT

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 851fc285c69980f41dd0f6dd869544b10a525d97f0d8e26851c08cb9177ab6b1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ef643b.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 133 KB
134 KB 294ms
288ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/ef643b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9e9195ff15c9ab7224d8dc4fbf10a78177cbfbb35d0e70c3b1f92926c69d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 136525
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-2154d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f6lVcilGmxryIlRrQIYyljh0One%2FUeBJkXV06gRTY5E5W03Wz%2FOKMifDRMOFEF3qzgThc6zuwE30Fj3xIxwEmoBlwo2Z2GAuJGjhX0wvb4aue%2B0RrexpOasR%2Bai1Fs7JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd25548b-YYZ
expires: Sat, 09 Dec 2023 01:14:13 GMT

GET
H3 200 49b320.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 91 KB
91 KB 389ms
382ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/49b320.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cea52a097bc0bb0ae696bc87358912573af70c9a0a229c4ca91837cd118da67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 93109
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:23 GMT
server: cloudflare
etag: "652e0623-16bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usIQg5duEpdREfJ9B9NV%2FKbkAqteKGI8lGoBR014KNKbxXZbKqsPRTTZ4WRZrzKE2lrHLl94xkbD2Lez61%2FajsNKD8eRyIgvy3vGOCAkm3PHjW0wjlg3Eh6NDCU4ok%2FjNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd26548b-YYZ
expires: Wed, 06 Dec 2023 04:09:01 GMT

GET
H3 200 67ff65.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 128 KB
128 KB 330ms
323ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/67ff65.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa33546cd51a8360eecee5854385bc8f56e66751ade71fe404f7f224e907226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 130839
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:25 GMT
server: cloudflare
etag: "652e0625-1ff17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZLuR1rAPw%2B9asa2lErUpoyTFgPlO2fm0fg%2F4lpb%2FE25wcYU3AFWJ3VQuluU6ttvwu%2FGNGsJaU0I9PXKPsO%2BDt5KNcSLm%2BuaGsYji1PF3zbZm%2Bp7p%2BRtvAcKuJ0oniOsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd29548b-YYZ
expires: Wed, 06 Dec 2023 04:09:01 GMT

GET
H3 200 eaf7a5.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 127 KB
127 KB 356ms
350ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/eaf7a5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f591592c03766061aa25e095949d306c55743c6db3c2019a252926ee8810965d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 129746
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-1fad2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsHz6rOHz8LieHTY3WkwnByq56IEGXnbGbzufpSdAzUxHJWK16RaJJ5jSBlGX1%2Fg6ts%2FgKzPVnDRh00TSw23dEvDnWjRLf11h4grlWSn%2B8as2HOr8h4tW0qFXYnKEwMq%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd2a548b-YYZ
expires: Thu, 07 Dec 2023 04:53:02 GMT

GET
H3 200 29cf9a.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 353 KB
353 KB 38ms
31ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/29cf9a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e985fd957073ade0fd08cb61462b50d1070842a2d6243a8b6ab5269f1720c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 289458
alt-svc: h3=":443"; ma=86400
content-length: 361295
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:22 GMT
server: cloudflare
etag: "652e0622-5834f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pgnzxU5jeYsSzp2JPoOfw%2BJM3ABYUFvC3LkcH0ekMHcXOwYj3YflexQLoGzs0RPjenaNgSj3jqkXR5Ni5dF7j9%2FFFPZ9oMt%2Fl6uDnGyXyxhPsMScndX0lUsxZqBYIRL2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd2b548b-YYZ
expires: Tue, 05 Dec 2023 02:19:28 GMT

GET
H3 200 43e749.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 9 KB
9 KB 326ms
320ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/43e749.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ac38ed4950f70d5bae2898a50c4a99f17b827e5b9da368afd050a2de86d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9096
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:23 GMT
server: cloudflare
etag: "652e0623-2388"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GHHZ%2Biqk29TO2wVLe28kWzNgSn%2BeibxzdSZko06oGB86AttYUQo%2BrS3hjRkt%2BOq4SGXMVeim9gqRyF9KWxr%2Fmno4cPnjeYS0yFAG6MAck27eGuuLEfw%2BZbAYGfJQlrRfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458abdd2d548b-YYZ
expires: Thu, 07 Dec 2023 08:53:33 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac7fe2e173a9dd5774d4afeb1ccbc7651daf2cb8b418e3a2d3690c7023e3b220

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 403 line_qr_code.png
thaicdn.iuerk.xyz/thai/ 0
0 188ms
37ms Image
text/html 45.60.62.140
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thaicdn.iuerk.xyz/thai/line_qr_code.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.62.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 banners Show response
www.gfkaqs.xyz/api/ads/1/ 2 KB
1 KB 461ms
461ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/ads/1/banners?limit=20
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: a3233f8b863056161dbba3fbbc73c2e0c04e54923d5242609ea974e6a6e61cc4

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.082
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5PZ3hhXjbpuGzcJIMhFgMfQ4lNCjmj6W7tjQQfqUnuCgFwJbf58cdLiD1rtoegRJ25ZPwsZbHdYy6VlCLb0UDwkCWsD3Cn0W7l6tEATdkZhPCI5hGCUReHcNauLk9Uarg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458abfd44548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 list Show response
www.gfkaqs.xyz/api/notice/ 3 KB
1 KB 461ms
461ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/notice/list?page=1&per_page=10&sort=-istop,-sendtime
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: bd99e2c100abe549a04fc937e7087a37d152ead222494e560618a34edda8cc7a

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.103
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbbp2np5teg4EsRPqGeGuRPSxqeQwhv7uVqRW5535Ik7iT1269PkAjROIIfbz7BKe3nIr3L%2BvJpTOCYyjGkiwpue%2Fa1Dx%2FEtrZo%2BjsIlBodlJ62ftOLRbgdmWwQ7EFHT8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac0d45548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 lists Show response
www.gfkaqs.xyz/api/game/jokertha/ 7 KB
2 KB 693ms
692ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/game/jokertha/lists?page=1&per_page=50&type_name=&is_hot=1&source=
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 05c75d6ab975b591b954abea45ba355b65d28643859fc7270677f4c0a0268134

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.089
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm6pR08M2l4eZVcItPQHNi13ttr4OUApv5AQafHaLWxDwa1F%2Bd64z5B0nPkBi5H3SWd0yIJaYmoi4PjV2%2BlWFwo5Np%2FKA1qrZlmGNSbDm%2Fmpy6GoYXeod5bEysQCaFxpww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac0d4b548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 popular Show response
www.gfkaqs.xyz/api/game/ 1 KB
1 KB 717ms
716ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/game/popular?source=
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 50f227a42c7d22a796da5ff533679f0a7d9ef6e2e46bae3c2eb895ddfdf380dc

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.129
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN3%2FjFt35tZBILhWbFiTnabOjdafRprT6lDWjTBj60X3aefsHdf7lvVN%2B6Vw7hbS8to6Ftj%2BCDBk%2FNM2lzxYIe6y6w1K7CtKhai2LHYbGxSWFpIMnfJvfBBN7OIIqZPkgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac0d4f548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 banner Show response
www.gfkaqs.xyz/api/activity/ 69 B
705 B 709ms
708ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/activity/banner
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: b13e5b68614541ae67b4b12733ca77cf5b94b0b887c08820c470bc46bffef14f

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.071
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSe8tZKOM%2FwWZoIjov18uDQ81fhEsZ%2Fbnt4IzicojwVOZ7%2BUVx1NXPZx0Nxy5yqtkoY05%2BIPtOMoDQBd2GkidbjhZJ4GvuYXZwNAS1%2BpJ0x8xg9vuaN1PeoP6PklkPu2HA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac0d52548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 sale-info Show response
www.gfkaqs.xyz/api/lottery/ 18 KB
2 KB 1973ms
1973ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/lottery/sale-info
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: b5ebc06db28da4ba4f354dd146c138af58622a03bbbf884c22c7c09db08fb65f

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 1.403
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzaTDeXteFGCpQWOlOwrPT7%2FBFT6fpAMauZqQShFOMz2KDbiWtB3SMUMIlSpLxhm2Fm%2F4VWHA9iTFVb68ZlBWWZ0JVaJ5%2FtJFTIUnfbyqrE%2B7LUAXFic2Lmlmc47fElVqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac0d56548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d34cb4a068a555feb82c6f9c62c90e534bd33c8d8145c6a3f60c79967a73d173

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 624 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c8df88194cf6b263f9c9d07ccecd38f854699b882a0962416f1285871be542

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 193 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e33c5f741b39c67dec321e7414b6074a5d6ae7532a30739e67f64d78761ccadd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cf5ee39a75adb7c399ffd4e7e94fc25eba239c241cd86a5118a0e274181c413

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 534 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f60d5c0254f5a97e5cf2994dce4f7e2739c22b62672e62c720f0635415e9f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8227c854bca89ccd74e393deb7d5a87d53944e0ab8841c5ecd179c54b3ad9f13

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 959e739e559a5e1150313b14a8629c480d385dae1a05b892bcb004b2b29f5d51

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e53213908aec8f8bf897f95d7929c11e724c95c792ae88672194c15b1221dce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 591 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b11d1f4ebd65dfc7278dd8609207835fd9515af6225776140fe971635dc10ba9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 360 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e0d57c49edf33f77c1588159629aed1e9edae7fb6ed8d44beabdaf123183beb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 375 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6c1dc5156292c01b7f9bd9f5efeb5be0bb86d5ffb9ef97ceb4a86b4a9383225

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea10c9828b6a5abe99347587b410aa16dbad7ea044aa07284c88a06b5bcdad6f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 466 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06de98860df99f79b0119546810986a424cb579f5adc53248abd0106cb277c3c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f4d2a18b35f5b4b0f5fb7704a8fc4f89274b588f5c82ae5b0e6f42c991f1d2f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 e2ea76.jpg
www.gfkaqs.xyz/webx/thai/desktop/images/ 398 KB
399 KB 332ms
331ms Image
image/jpeg 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/e2ea76.jpg

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7e966e732e9a1fa9166e283aef4e1752145da296a28b0f8b6c21daaab4912f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 407853
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-6392d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6MxxbE7AVWVJLQCVHV%2B2m7GoIzXtwt%2FiyFGIeRbxyDl0NsmVsWu35PGvOwJUXXGPJ%2FEYf8cmKNy6B18DbzkijbyddyMdKEdABQ4IrldusKKY7O8UNniicohGbl5bhMt1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d65548b-YYZ
expires: Wed, 06 Dec 2023 05:03:21 GMT

GET
H3 200 550947.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 15 KB
15 KB 335ms
335ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/550947.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034ed61393ad1977ef0f33afd4c20531a9a88bfa8f845d0a8a788a6b380f5027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15241
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:23 GMT
server: cloudflare
etag: "652e0623-3b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v67tRYpXBmfSBUPI5LOuf4BovAm%2FjK75mgiP9hIr8OWpCZD%2FMFDtHojPkOci7u%2F5m2TxthMLyrQ5lIxupxDvpEad8NWm3VjOb%2BaF%2Ffvcq5B%2FAAzF3%2Bo1fbUaikABB%2FXiWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d67548b-YYZ
expires: Sat, 09 Dec 2023 06:42:40 GMT

GET
H3 200 13ed84.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 17 KB
18 KB 338ms
338ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/13ed84.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01f39d2e0785692bda5bc39adcd2b322978b4c74512a73cca1433409eba91ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17660
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:20 GMT
server: cloudflare
etag: "652e0620-44fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRtaqtb9BaXwtcggzO%2FqjfWytzZsv4jbPKKWc7HVlWuCmF1xZ68ti5jYfmURKTnhSW%2FXOLDmLL78dQLODynBq2L3Yjl4iYvbKaSFr9MogENfoOB6EYvHVv6%2BBz25JEYCJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d68548b-YYZ
expires: Fri, 08 Dec 2023 09:58:03 GMT

GET
H3 200 20e7db.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 20 KB
21 KB 341ms
340ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/20e7db.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22ecc348e9b1adfee9857c297a8617ce55d7c9f98de47b5fce6dfd49e49b4f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20757
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:20 GMT
server: cloudflare
etag: "652e0620-5115"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdNOxgRLj6YRxBOJxMNX9EmyLoIAl9K3O2Xu%2BX6QP%2BZ5PbPO72DWCaK5LrZz9iEexIWHmatPILC8X%2Bnj7c8Y3U8NEwAryi2fpySAiTkj%2BbIbrItZMVH5mB%2BpsuoZbspevw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d6a548b-YYZ
expires: Fri, 08 Dec 2023 02:12:29 GMT

GET
H3 200 24e59b.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 17 KB
18 KB 345ms
344ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/24e59b.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dc0b8707c2e6fad344302420f45431f7d7c1b2de33e3d6f0323c47649ed7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17581
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:20 GMT
server: cloudflare
etag: "652e0620-44ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tk0JSerxUZnK3bCzn2h0oHKEX%2FvCcPtarY1%2FubHHX2pHqkD%2FtSQz0OZ19cMeU%2F1466cH9JHLCVYueKSzg%2FEU1m%2FJ7QN5SuP%2FwFveVo9wx9s5uNcov10uzX0qu%2FLLeHvoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d6c548b-YYZ
expires: Thu, 07 Dec 2023 00:42:30 GMT

GET
H3 200 c5cae2.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 15 KB
15 KB 345ms
345ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/c5cae2.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56d99686ad5e375e1d3a301b884f837a6ea0a7d03cc744994f5089baa5269d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15214
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-3b6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9tDqy9TRCuhOnLSfwX6JdQrJOTU%2BN9qf%2FoyHv1tX5yu6AJjmP%2BZuIMLYGyScYZRjYhy1poDxAO2MeZJ%2F28SD65gAHxCg8VPDZxYXMi3RdP1MxcP4sbrZNgeoiNwTvgEFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d70548b-YYZ
expires: Fri, 08 Dec 2023 00:57:03 GMT

GET
H3 200 f9f7ea.png
www.gfkaqs.xyz/webx/thai/desktop/images/ 12 KB
13 KB 364ms
364ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/webx/thai/desktop/images/f9f7ea.png

Requested by

Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ca9fc5e9069fc54c8d234a46eedd660ea4c501a12b4e0c0e1e76277427bb1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/webx/thai/desktop/styles/index.9c2f.css?v=23.09.07.97572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12585
x-xss-protection: 1
last-modified: Tue, 17 Oct 2023 03:57:40 GMT
server: cloudflare
etag: "652e0634-3129"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qESnjc4TgGlGdzBjeZTeVXXgbo5fhly9p4nXQ63iSK%2BmYcRj4xUBTM5yrEoteKYO2kDcWq1TMENdu%2BXMK3jdvfXvUKGpNvHRuA6vOiTqLjaC0%2Fo%2FTSGciBzluJhIRjv8pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458ac1d72548b-YYZ
expires: Wed, 06 Dec 2023 03:06:57 GMT

GET
DATA 200
OK truncated
/ 665 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3fa623f9948421bbde93fd42e2b14c5fa26e4b383bd4ab641d3c464d5fd16e4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 enable Show response
www.gfkaqs.xyz/api/account/mobile/captcha/ 86 B
718 B 628ms
627ms XHR
application/json 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gfkaqs.xyz/api/account/mobile/captcha/enable
Requested by: Host: www.gfkaqs.xyz
URL: https://www.gfkaqs.xyz/webx/thai/desktop/javascript/chunk.vendor.447e.js?v=23.09.07.97572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: 7e13434ddb6397c49a1f47cc60963e451fa73c19f3da2b22bd05ead1e2951991

Request headers

Accept-Language: en-US,en;q=0.9
Source: 1
Authorization: bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/vnd.sc-api.v1.json
Accept: application/json, text/plain, */*
Referer: https://www.gfkaqs.xyz/
UUID
Accept-Currency: thb

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
x-runtime: 0.074
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 299
content-type: application/json
access-control-max-age: 86400
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers: Authorization, Set-Cookie
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDmCRDFDmK3MeaoysTb5pFxEexL%2FfCL3KUNcLvssyqPv9aCsviv%2Fh629iMQ6XOIL4sb4a57ocmDW5%2FZVuIaIbfcfeW2T2mx0k%2FiRs%2BCJ%2BrHr2pksGy58G%2Fhyub8k8dAqWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830458ac9dcc548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

GET
H3 200 guubuyy
www.gfkaqs.xyz/s1/ 74 B
74 B 690ms
690ms Image
text/html 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gfkaqs.xyz/s1/guubuyy?flag=visitcount&21155
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.33
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, DELETE, HEAD, OPTION
content-type: text/html; charset=UTF-8
x-ratelimit-remaining: 299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAjY7xXzo%2FBCTv6iJonZp5GzHAf2uexQqhcsoT8jeZY66w%2FLYhvNHdaqyq3OR7rwDnqghfzkX%2BLeoPsSJepXOo6o0Jf%2B1JbqMWNzIWrK8qTKuISOS0RBOi9Z5q6K0MYRIA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization, Set-Cookie
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: private
x-ratelimit-limit: 300
cf-ray: 830458ac9dcf548b-YYZ
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Source, Accept-Currency

POST
H2 200 / Show response
api.fpjs.io/ 375 B
892 B 277ms
160ms XHR
text/plain 76.223.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fpjs.io/?ci=js/3.8.29&ii=fingerprintjs-pro-react/2.6.1/react/16.14.0&ii=fingerprintjs-pro-spa/1.2.1

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/Qf03IlZvWYpiAIoayrbo/loader_v3.8.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.60.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46a250059e296ddb.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

49231f37c4350ac24adf483ac7ed445b1c1e2debad18d0e4433d7f55c0819412

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gfkaqs.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Dec 2023 13:20:22 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://www.gfkaqs.xyz
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 375

GET
H3 200 1696094380.png
www.gfkaqs.xyz/uploads/attachments/1/202310/ 469 KB
469 KB 315ms
315ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202310/1696094380.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6112837ddb9c0fdfa3eb89473f643930d77b2fbb44b7a38803b78767162d69e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 479756
x-xss-protection: 1
last-modified: Sat, 30 Sep 2023 17:19:40 GMT
server: cloudflare
etag: "651858ac-7520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyAKMP3m%2BGsAb6IOsYLWw5qPeylZghWrnqwTCpF0v7xLQtwXeGUGfClP%2FogiTw17AvkDqihVLrBHKBLHIGFXVCrJPthI6zK9esHerO%2FAwdSf585zcM4ge%2F4YUISPKKKloQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffad548b-YYZ
expires: Sat, 09 Dec 2023 02:09:36 GMT

GET
H3 200 1664731077.png
www.gfkaqs.xyz/uploads/attachments/1/202210/ 663 KB
663 KB 288ms
286ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202210/1664731077.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84db66eb158bb43c753c21a803ac245eac14208dc643ab4467dbe8469390cae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 678482
x-xss-protection: 1
last-modified: Sun, 02 Oct 2022 17:17:56 GMT
server: cloudflare
etag: "6339c7c4-a5a52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jbKgh9BWqGr5SYKagkEvouuz8DB%2BVK72%2BH%2BrLMihRrtHaWlr%2B48iIl7M4gEAb09RYin0Odgq0XwgUJHdcgkaOrZBm3TOXVOah%2Bn79zlo6y4uzs5I3DcaDrA2%2B2P%2BXhEag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffae548b-YYZ
expires: Tue, 05 Dec 2023 23:51:58 GMT

GET
H3 200 1696094074.png
www.gfkaqs.xyz/uploads/attachments/1/202310/ 736 KB
737 KB 285ms
283ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202310/1696094074.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c826a10e237978437ae361df99ea3158f2b0a4d2548e1bf4b91ce14024a86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 754071
x-xss-protection: 1
last-modified: Sat, 30 Sep 2023 17:14:34 GMT
server: cloudflare
etag: "6518577a-b8197"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLcCrbxZhWXsW6GJxGX62O%2BEP7hif1KJdkceR3%2Bg%2B0LsDh4jZZ4T6RxcTay0bBDwnybd5bm%2FCx0LZwHEPG129KESjS5BBGxadpmU4A3kEWHcb%2BPFWaA2GqUJRw%2Fj93RMAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffaf548b-YYZ
expires: Thu, 07 Dec 2023 04:53:00 GMT

GET
H3 200 1696094141.png
www.gfkaqs.xyz/uploads/attachments/1/202310/ 523 KB
524 KB 454ms
453ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202310/1696094141.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bf0080f476ad743218f10a4b385f41d2fd2fba57baa205c071184997b8b84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 535792
x-xss-protection: 1
last-modified: Sat, 30 Sep 2023 17:15:41 GMT
server: cloudflare
etag: "651857bd-82cf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdOPC5jcCc%2BDW%2FI8IsoH6J3vn3mO9j7ysu2NMYVX8WXCqEIwt4kf2PED3WNkDctluV4jiW2BPhCxQz1MqN1q9dI%2ByXU5LElf4OPud%2FrsfiweDQB3ZSr%2FAK2aykvU7rJwZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffb1548b-YYZ
expires: Tue, 05 Dec 2023 03:14:15 GMT

GET
H3 200 1696094216.png
www.gfkaqs.xyz/uploads/attachments/1/202310/ 903 KB
903 KB 456ms
455ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202310/1696094216.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44547e10bf582b5c2c2c57c15e96a57c61e8d58c3683ab8317df4dfa8e851773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 924330
x-xss-protection: 1
last-modified: Sat, 30 Sep 2023 17:16:56 GMT
server: cloudflare
etag: "65185808-e1aaa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITlB%2Bw34H3yr4fmqRWff8MjTumowucn6p3WE%2BdkcAiiNu72Jb%2F7WOOf4V4X9PzlDzZDssyBoqv6FqAR2ri32U8kwyzQBR%2BL7urFTa4GXsylkgR%2BBWPbXp%2Be0AbtFWCuV2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffb2548b-YYZ
expires: Thu, 07 Dec 2023 08:28:30 GMT

GET
H3 200 1696094256.png
www.gfkaqs.xyz/uploads/attachments/1/202310/ 384 KB
384 KB 475ms
474ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202310/1696094256.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93f8f3f9b053c9ac5d258c9012e707a419c0775e99196747f6b6ce05dc85af23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 392983
x-xss-protection: 1
last-modified: Sat, 30 Sep 2023 17:17:36 GMT
server: cloudflare
etag: "65185830-5ff17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYRhEVt8Fkaid2uN3qKf6AqVRY1q04NXL8mRhr1XjtuQCSzsyx9d1N6Nr41ZoFQhFnyGGzp4ZOiUoAKkomY1DrUKLfr2QrvIONEDj%2Fqxc%2Bpent7n1FmFs6sNllp43rTDHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffb3548b-YYZ
expires: Mon, 11 Dec 2023 09:24:40 GMT

GET
H3 200 1701373017.png
www.gfkaqs.xyz/uploads/attachments/1/202312/ 905 KB
906 KB 576ms
575ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/1/202312/1701373017.png?v=23.09.07.97572

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

517786be22a95a61f53e230a95b01690af9dfd826be990dfd87f31c6d83b75c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 926801
x-xss-protection: 1
last-modified: Thu, 30 Nov 2023 19:36:57 GMT
server: cloudflare
etag: "6568e459-e2451"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jNctogIf9nXtd2KYUaMeK%2BH%2BGPTF6DdSJdCOQ0WeGDjwRsC%2BsdHLSakMQ8OMgQ2hGOsqUrrTNR68AhDUUslZg9m5LTnmPQBEfkFTIRwvb7lbKQH%2FDkw9vRzQoi%2B2WGByA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458aeffb5548b-YYZ
expires: Thu, 07 Dec 2023 20:32:36 GMT

GET
DATA 200
OK truncated
/ 320 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e382cc72e6c4d72a984d73f6a36833d1d720d2f71c824a403f7ab53e44bba7a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4omkmmpnwqokn.png
img.zhenqinghua.com/gameimages/landscape/ 69 KB
70 KB 1713ms
312ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/4omkmmpnwqokn.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: dfde1f642d858aab35f068823d916c4eedc6b3ec0302ef59a421305932152b87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:08:34 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876539
x-amz-meta-sha256: dfde1f642d858aab35f068823d916c4eedc6b3ec0302ef59a421305932152b87
X-Cache: HIT
Connection: keep-alive
Content-Length: 71013
Last-Modified: Mon, 04 May 2020 06:42:31 GMT
ETag: "7174254d28298faad674f2983d41e1e3"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: IsgTibKuXc2XsT_FA4GHrlAR06KY-YsKWdSVkhLTUK3jAAfND_aqvg==
x-amz-meta-s3b-last-modified: 20200503T212340Z

GET
H3 200 20220524125506_311.png
www.gfkaqs.xyz/uploads/attachments/othergamepic/jltha/2205/ 67 KB
67 KB 293ms
291ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/othergamepic/jltha/2205/20220524125506_311.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4905d50a234f1a7fde68538cab94a27183beaadeb6e8a03415be631033f272d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 68263
x-xss-protection: 1
last-modified: Tue, 24 May 2022 04:55:06 GMT
server: cloudflare
etag: "628c652a-10aa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YokzLo13e8LFSgU4vEa5qt3JWwlxBHWUwaVqJkWbI%2B1aXPvig1h4GPvmPhdBLOd%2Bn9%2B3%2BoFYFq20o7rqhxL7Pb5tNDtiG37E7EIRMtIliO0td20iJgMM8PtXqh6CcC%2FqPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458b088f0548b-YYZ
expires: Thu, 07 Dec 2023 06:24:46 GMT

GET
H3 200 20220524125539_311.png
www.gfkaqs.xyz/uploads/attachments/othergamepic/jltha/2205/ 68 KB
68 KB 328ms
326ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/othergamepic/jltha/2205/20220524125539_311.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

418b8cef0d9ae0e6c04ab5414a5fe65c6b7a83808792d33d62e7f247a736f3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 69540
x-xss-protection: 1
last-modified: Tue, 24 May 2022 04:55:39 GMT
server: cloudflare
etag: "628c654b-10fa4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3ykPex9QABhP06AfYP6D0jZ9gTZr11FI0SZQFa7BLsTovSWVO661Hn15iVq6fm4BnJvJm4YPM8TN4uIYUpi6gP1vxlGf%2Fk%2FOnvD68s9cYCh8M8YLsW8JgIH6LJTk3CnIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458b088f2548b-YYZ
expires: Thu, 07 Dec 2023 06:24:46 GMT

GET
H3 200 20220524125720_311.png
www.gfkaqs.xyz/uploads/attachments/othergamepic/thb_cq/2205/ 89 KB
90 KB 566ms
564ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/othergamepic/thb_cq/2205/20220524125720_311.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0345d4d86edb9a95ef6c1d4a3932074a6a1dea192b673f3e31579d7ed13deb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91180
x-xss-protection: 1
last-modified: Tue, 24 May 2022 04:57:20 GMT
server: cloudflare
etag: "628c65b0-1642c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyu9ZdWT0nDDuYGEIY0V1UNJUcfGnimr%2B63LEwml%2Bnoc9Hdwymnoudg0YuG89woLICB%2BhhLTldTQCu1KXbAva73gx4%2FTSczV7QnhEv4SuyVrcSXFOuKv1%2Byxn48jMYmSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458b088f4548b-YYZ
expires: Thu, 07 Dec 2023 06:24:46 GMT

GET
H3 200 20220524125825_311.png
www.gfkaqs.xyz/uploads/attachments/othergamepic/thb_cq/2205/ 67 KB
68 KB 319ms
317ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/othergamepic/thb_cq/2205/20220524125825_311.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9ae769555a6ecea6732caedb283ad2891764954542e781f9d4e720277f2a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 69009
x-xss-protection: 1
last-modified: Tue, 24 May 2022 04:58:25 GMT
server: cloudflare
etag: "628c65f1-10d91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBu2tt0aEJVwWpYUnu%2F8KmKbwXFR%2BCKJfYG77MALxGkEAYewB510DbpVsf8eWLwd5yn0t9FM9KQdxBXinhtToQtmbYn9Tfp5PEVkad%2Fmu8UW0rKQrJkgm97TcXb8iL928Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458b088f5548b-YYZ
expires: Tue, 05 Dec 2023 21:43:14 GMT

GET
H3 200 20220524130029_311.png
www.gfkaqs.xyz/uploads/attachments/othergamepic/ratha/2205/ 80 KB
81 KB 281ms
279ms Image
image/png 172.67.202.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gfkaqs.xyz/uploads/attachments/othergamepic/ratha/2205/20220524130029_311.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.245 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a980eeb859861d1ee6f7482f0e17df6ad2b863c6136edf222940752487fe6a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 82279
x-xss-protection: 1
last-modified: Tue, 24 May 2022 05:00:29 GMT
server: cloudflare
etag: "628c666d-14167"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHUQM2wKYeM9R1kHMkQQ0WY3CK0KnTpLaisNCP8xX60fpN4KPiSDws6hDu08OgMWzyjiWKaE5qEzFlJKPcqt5ZNfPMVXElZxSQ2O3XnlXa0CB33Yt78apDLiJNxP12vBHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 830458b088f6548b-YYZ
expires: Fri, 08 Dec 2023 09:58:04 GMT

GET
H/1.1 200
OK nqyun5dpcjtsy.png
img.zhenqinghua.com/gameimages/landscape/ 83 KB
84 KB 1681ms
288ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/nqyun5dpcjtsy.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 91c7e5fcbb2871cd28df43f1b800ae636d64eaf80bd2e08b0ae44f2b8d629d4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:02:10 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876694
x-amz-meta-sha256: 91c7e5fcbb2871cd28df43f1b800ae636d64eaf80bd2e08b0ae44f2b8d629d4f
X-Cache: HIT
Connection: keep-alive
Content-Length: 84859
Last-Modified: Mon, 31 May 2021 05:18:35 GMT
ETag: "046f6296262c4b5b7ef0ee0e12d11b77"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: t_LSUrdPZZCRvnKVHjWpzeuAGCKZj_gzvvJtogJxsdVHL0zasEufCQ==
x-amz-meta-s3b-last-modified: 20201224T101722Z

GET
H/1.1 200
OK uafejs6a58xp6.png
img.zhenqinghua.com/gameimages/landscape/ 85 KB
86 KB 1686ms
293ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/uafejs6a58xp6.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 09284f2cc160e8ec774c3a42d499904e15773c9d52cba06ce1c260d184a42c3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:01:49 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876714
x-amz-meta-sha256: 09284f2cc160e8ec774c3a42d499904e15773c9d52cba06ce1c260d184a42c3c
X-Cache: HIT
Connection: keep-alive
Content-Length: 87437
Last-Modified: Mon, 31 May 2021 05:18:36 GMT
ETag: "350477ffb14c2811c832d7ccf0b76810"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ft6wEFudOCUFRSaSJETMngIP7PQESvlDxoyU2ruKh2uKRwSSbtufHA==
x-amz-meta-s3b-last-modified: 20210317T103943Z

GET
H/1.1 200
OK jzpssktmfyw1h.png
img.zhenqinghua.com/gameimages/landscape/ 85 KB
86 KB 1686ms
294ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/jzpssktmfyw1h.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 8d71932fa6212ba52f5127f14fd6eb50ad0ae33a42775a4453af92899c6c942b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:02:00 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876704
x-amz-meta-sha256: 8d71932fa6212ba52f5127f14fd6eb50ad0ae33a42775a4453af92899c6c942b
X-Cache: HIT
Connection: keep-alive
Content-Length: 87086
Last-Modified: Mon, 31 May 2021 05:18:34 GMT
ETag: "cf8e6bac404f411d215930d4a5f74347"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: N1r-Ivla8WjlvKFRCvjRU2idiR2nH4M7iZFzFX1AuTT2dt6lViw0pA==
x-amz-meta-s3b-last-modified: 20210525T043538Z

GET
H/1.1 200
OK 7b6c7rcs16kjk.png
img.zhenqinghua.com/gameimages/landscape/ 86 KB
87 KB 1711ms
318ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/7b6c7rcs16kjk.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 57bc1692dd131ef6ae419c0fa7b39cedf62a5475f1ab630745b1d99a80c2b591

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:01:49 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876714
x-amz-meta-sha256: 57bc1692dd131ef6ae419c0fa7b39cedf62a5475f1ab630745b1d99a80c2b591
X-Cache: HIT
Connection: keep-alive
Content-Length: 88357
Last-Modified: Mon, 31 May 2021 05:18:33 GMT
ETag: "52ac937bf60fc02d804f7afda797e978"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2bAbpIzoWtk3PUmQiNClkn8JuyOYyLakx5Xh0YNxEJQHoFNuH5x4Tg==
x-amz-meta-s3b-last-modified: 20210128T040938Z

GET
H/1.1 200
OK uwf5zss55dc7h.png
img.zhenqinghua.com/gameimages/landscape/ 94 KB
95 KB 1707ms
314ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/uwf5zss55dc7h.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 77a913f359506f0e6516a8b376391a4b639df64921bd12744b35f87f06982e46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:01:49 GMT
Date: Mon, 04 Dec 2023 13:20:24 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876714
x-amz-meta-sha256: 77a913f359506f0e6516a8b376391a4b639df64921bd12744b35f87f06982e46
X-Cache: HIT
Connection: keep-alive
Content-Length: 96478
Last-Modified: Tue, 30 Mar 2021 07:48:36 GMT
ETag: "ef042b22a03ee947fbf79e1f674e0b6a"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JqiESLNAok8p6teHuZ4ZQ0r6aSyuaKvMluspyvH-ZfbYq3fxGGwHvQ==
x-amz-meta-s3b-last-modified: 20201125T041734Z

GET
H/1.1 200
OK 3fx69pizs144w.png
img.zhenqinghua.com/gameimages/landscape/ 80 KB
80 KB 291ms
291ms Image
image/png 209.146.43.44
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.zhenqinghua.com/gameimages/landscape/3fx69pizs144w.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.146.43.44 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 9ee15bbcde575d4980bc0d189e2db157b392396cd1fb011b86460f59fbe7cab7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 04 Jan 2024 08:01:49 GMT
Date: Mon, 04 Dec 2023 13:20:25 GMT
X-Amz-Cf-Pop: SIN2-P2
Age: 28876715
x-amz-meta-sha256: 9ee15bbcde575d4980bc0d189e2db157b392396cd1fb011b86460f59fbe7cab7
X-Cache: HIT
Connection: keep-alive
Content-Length: 81608
Last-Modified: Tue, 30 Mar 2021 07:48:35 GMT
ETag: "afc1c6cb29689b0c3a5205a5cb52eec3"
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-CD-Ver: 202211
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Az3wUWa8d67am9uNxMiFSFihBt339Op2OcaFoV-5BsNOLuVhttFFYw==
x-amz-meta-s3b-last-modified: 20201125T073705Z

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2607:f8b0:4004:c19::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BMFBXX9PVL&gtm=45je3bt0v878597460&_p=1701696021132&gcd=11l1l1l1l1&dma=0&cid=755955087.1701696022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1701696021&sct=1&seg=0&dl=https%3A%2F%2Fwww.gfkaqs.xyz%2F&dr=http%3A%2F%2Fnorthfitnesssport.com%2F&dt=ruled8&en=scroll&epn.percent_scrolled=90&_et=8&tfd=7322
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BMFBXX9PVL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gfkaqs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 13:20:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfkaqs.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.matichon.co.th
URL: https://www.matichon.co.th/wp-content/uploads/2023/11/2023-11-05T221015Z_726985025_UP1EJB51PL27C_RTRMADP_3_SOCCER-SPAIN-MAD-RAY-728x520.jpg

Domain: northfitnesssport.com
URL: http://northfitnesssport.com/pic/S__183574533.jpg

Domain: www.matichon.co.th
URL: https://www.matichon.co.th/wp-content/uploads/2023/10/2023-10-21T180545Z_1653826997_UP1EJAL1E9J9B_RTRMADP_3_SOCCER-ITALY-TOR-INT-REPORT1-728x520.jpg

Domain: www.matichon.co.th
URL: https://www.matichon.co.th/wp-content/uploads/2023/10/2023-10-05T195253Z_1055483544_UP1EJA51J8228_RTRMADP_3_SOCCER-EUROPA-HAI-PAN-REPORT-728x520.jpg

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JVB9KQ5X28&gtm=45je3bt0v9169962751&_p=1701696018676&gcd=11l1l1l1l1&dma=0&cid=1046219052.1701696019&ul=en-us&sr=1600x1200&_s=2&sid=1701696018&sct=1&seg=0&dl=http%3A%2F%2Fnorthfitnesssport.com%2F&dt=slot%20%E0%B9%81%E0%B8%95%E0%B8%81%20%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A1%E0%B8%B5%20%E0%B8%82%E0%B8%B1%E0%B9%89%E0%B8%99%20%E0%B8%95%E0%B9%88%E0%B9%8D%E0%B8%B2%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9F%E0%B8%B8%E0%B8%95%E0%B8%9A%E0%B8%AD%E0%B8%A5&en=user_engagement&_et=1265&tfd=5837

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
northfitnesssport.com/	1969-12-31 23:59:59	Name: timezone Value: -10
.baidu.com/	1970-01-21 01:27:12	Name: BAIDUID_BFESS Value: 33E98E479DB163B70390E7B94D298DFF:FG=1
.northfitnesssport.com/	1970-01-21 02:17:36	Name: _ga Value: GA1.1.1046219052.1701696019
www.gfkaqs.xyz/	1969-12-31 23:59:59	Name: _sessionHandler Value: ea4d40e31995a954604ada60ad8529bcf2fe452a31f5f9619f0ec79646a338ea
.northfitnesssport.com/	1970-01-21 02:17:36	Name: _ga_JVB9KQ5X28 Value: GS1.1.1701696018.1.0.1701696020.0.0.0
www.gfkaqs.xyz/	1970-01-20 17:24:48	Name: lang Value: en-US
www.gfkaqs.xyz/	1970-01-20 17:24:48	Name: currency Value: thb
.gfkaqs.xyz/	1970-01-20 16:43:02	Name: _gid Value: GA1.2.1746201588.1701696022
.gfkaqs.xyz/	1970-01-20 16:41:36	Name: _gat_gtag_UA_216184968_1 Value: 1
.gfkaqs.xyz/	1970-01-21 02:17:36	Name: _ga_13DBJW3C0C Value: GS1.1.1701696021.1.0.1701696021.0.0.0
.gfkaqs.xyz/	1970-01-21 02:17:36	Name: _ga Value: GA1.1.755955087.1701696022
.gfkaqs.xyz/	1970-01-21 02:17:36	Name: _ga_BMFBXX9PVL Value: GS1.1.1701696021.1.0.1701696021.0.0.0
www.gfkaqs.xyz/	1969-12-31 23:59:59	Name: register-uri Value: #/register/s1/guubuyy
.fpjs.io/	1970-01-21 01:27:12	Name: _iidt Value: 7S572zPFkFGYyRK8uBEtftkZVFo5P7UUcnF5fS8P76b/5dgMtmhUJiNFesT3binOI+OeNLgQ9r/zS6rHJxgHeZs=
.gfkaqs.xyz/	1970-01-21 01:27:12	Name: _vid_t Value: 2LAUyz+Y9PR4Dqp0w8ke/4GP0J8QgeSr5EtrSk6skYdXNinthzhRNdwUBxQ4yHhbOxqj8iNTSvIuKXD7QSvxaUs=

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://northfitnesssport.com/template/news/baike009/th-skin/js/c_html_js_add.js(Line 103) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/prism.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://northfitnesssport.com/template/news/baike009/th-skin/js/c_html_js_add.js(Line 103) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.zhuti.net.cn/zb_users/plugin/UEditor/third-party/prism/prism.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ziyuan.baidu.com/image.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://northfitnesssport.com/ Message: Failed to decode downloaded font: http://northfitnesssport.com/template/news/baike009/th-skin/font/FjallaOne-Regular.ttf
other	warning	URL: http://northfitnesssport.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
network	error	URL: https://thaicdn.iuerk.xyz/thai/line_qr_code.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.fpjs.io
fpnpmcdn.net
img.zhenqinghua.com
northfitnesssport.com
stepzeed.com
supersportskick.s3.ap-southeast-1.amazonaws.com
thaicdn.gssdrf.xyz
thaicdn.iuerk.xyz
www.gfkaqs.xyz
www.google-analytics.com
www.googletagmanager.com
www.matichon.co.th
www.zhuti.net.cn
ziyuan.baidu.com
northfitnesssport.com
www.google-analytics.com
www.matichon.co.th
103.186.109.236
104.21.70.95
154.209.53.17
172.67.202.245
18.238.4.13
182.61.201.92
209.146.43.44
2606:4700:3033::ac43:8b48
2607:f8b0:4004:c06::61
2607:f8b0:4004:c19::66
45.60.62.140
52.219.164.162
76.223.60.10
02ac38ed4950f70d5bae2898a50c4a99f17b827e5b9da368afd050a2de86d38c
0345d4d86edb9a95ef6c1d4a3932074a6a1dea192b673f3e31579d7ed13deb05
034ed61393ad1977ef0f33afd4c20531a9a88bfa8f845d0a8a788a6b380f5027
05c75d6ab975b591b954abea45ba355b65d28643859fc7270677f4c0a0268134
06de98860df99f79b0119546810986a424cb579f5adc53248abd0106cb277c3c
09284f2cc160e8ec774c3a42d499904e15773c9d52cba06ce1c260d184a42c3c
0cea52a097bc0bb0ae696bc87358912573af70c9a0a229c4ca91837cd118da67
0e4afbfdb60c314664d574f35479249762348e140d286f52ec3c1f92a3843778
0fa33546cd51a8360eecee5854385bc8f56e66751ade71fe404f7f224e907226
11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332
13e689ded4f00a9d10e94bdb927ea4a8defb5a6ea8da5b41689b02c3e71f5ad5
14d093d94978be4384debb072fb608a0c82d014ebde1f8cedc2947c4eb0135f7
17bf0080f476ad743218f10a4b385f41d2fd2fba57baa205c071184997b8b84b
18083b6c1e1893d11f9d0beee5f7bfd90f074dd911480d6ebc3eafd633d58209
1ba4fcb66f37462dc808ac4043427f2e8702954e204939183ec2376187aad6ff
1e53213908aec8f8bf897f95d7929c11e724c95c792ae88672194c15b1221dce
1e7b4f8bf9362cf56e8730fe72912e821ecab67d0e375b6941a7cb07aab9ecfa
22ecc348e9b1adfee9857c297a8617ce55d7c9f98de47b5fce6dfd49e49b4f5e
24a24ccdf94012cd228d284feffbf26985d02c97bc65982361884e2eb41cfa06
2ae76b043d8bec80721516f45acde1261b4c4d0a87e81202072e5c1bdc45e2c0
3304502c51491ab00ecc7f8bc15e28d22d3a1707dfb2d8fa4e6edfc17736779a
3cf5ee39a75adb7c399ffd4e7e94fc25eba239c241cd86a5118a0e274181c413
418b8cef0d9ae0e6c04ab5414a5fe65c6b7a83808792d33d62e7f247a736f3be
44547e10bf582b5c2c2c57c15e96a57c61e8d58c3683ab8317df4dfa8e851773
46bba08477e85e0500aece1bedd9a48f2a6e8e9609cd8d48762c84809a16c9bc
48cfe55e60f4bfed580a0384f7aff9b58fd6431c46ae17793de704348c5433e1
4905d50a234f1a7fde68538cab94a27183beaadeb6e8a03415be631033f272d8
49231f37c4350ac24adf483ac7ed445b1c1e2debad18d0e4433d7f55c0819412
4a972af7e4af512224941b9db0cc59c3a1301820a9489d2d132c2c0336d1f12b
50f227a42c7d22a796da5ff533679f0a7d9ef6e2e46bae3c2eb895ddfdf380dc
512301e3f8f76756501abdeed83e91bf51c91cfa518525a6185af2d31ae9c704
517786be22a95a61f53e230a95b01690af9dfd826be990dfd87f31c6d83b75c0
52b8e2d10d909ef6cf22a3ce5214609e2a599c60fbdca1f0ab93b4acfcb3720f
57bc1692dd131ef6ae419c0fa7b39cedf62a5475f1ab630745b1d99a80c2b591
5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc
5982787564cca0095afcdd77636631d8a60098cf44b9187d9a9250287828fafa
5d0741a39741431fae5c67a0adc87e2bd3a343a512c84bf596518e3aa697a3cb
5dc0b8707c2e6fad344302420f45431f7d7c1b2de33e3d6f0323c47649ed7e58
5e0d57c49edf33f77c1588159629aed1e9edae7fb6ed8d44beabdaf123183beb
5e985fd957073ade0fd08cb61462b50d1070842a2d6243a8b6ab5269f1720c9a
5f4d2a18b35f5b4b0f5fb7704a8fc4f89274b588f5c82ae5b0e6f42c991f1d2f
5fb5a5909e5abe1e91f38cc13e92f9276712460063920838225f941aacb46a7d
6112837ddb9c0fdfa3eb89473f643930d77b2fbb44b7a38803b78767162d69e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77a913f359506f0e6516a8b376391a4b639df64921bd12744b35f87f06982e46
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
7e13434ddb6397c49a1f47cc60963e451fa73c19f3da2b22bd05ead1e2951991
7f9d38d67b7b0e69c576f0fa75164e7c938e2b2d32f0eba69e34ad419f4ebc6b
8227c854bca89ccd74e393deb7d5a87d53944e0ab8841c5ecd179c54b3ad9f13
8418a8301bd25c7f8014559861fbb63d086be5197517e22912355b60b12cae89
84497161102bcf8dd0c4ed70ece7f81997d310aa279a2760cace4896f8a41844
84972bf81dc3e4c07bed4655606cbc9202daf156e7772d77aa34f046cc412800
84db66eb158bb43c753c21a803ac245eac14208dc643ab4467dbe8469390cae5
851fc285c69980f41dd0f6dd869544b10a525d97f0d8e26851c08cb9177ab6b1
890f7a2dad2c3a64cac10c49053b0193055639b6694a089d1601cb703014991c
898e89757fdc3ac35768e8194e3137b4931fa1d4c5f13084c216a9e7546f476f
8d71932fa6212ba52f5127f14fd6eb50ad0ae33a42775a4453af92899c6c942b
8e8767f47755b786ba33a8a5edb441065bd14711365ffffcc61811028bfee1d2
8e9d603924ce0c93e95dbdd4972cf12cb42abea0bf1b8236100706296d995a11
903ae51c143c5e81e749f26ccacd27d5e4e508f97952e0d4911556fb731fe3a4
9081a1b133ff7e4431abe889822ce12bbe6a795c9148c5aa39c20ee9be344fad
9088f66a8a5423a4e327b87527edaff838f348a45343bf012c3834397e29fa30
91c7e5fcbb2871cd28df43f1b800ae636d64eaf80bd2e08b0ae44f2b8d629d4f
924036d97568844a881bd31cb945cb7dccc4198f7979d886a2b15aa3ed268114
93f83570bda95caee88501257d0187235320b0b74ada5dc2d5c31058fc5e2dd5
93f8f3f9b053c9ac5d258c9012e707a419c0775e99196747f6b6ce05dc85af23
959e739e559a5e1150313b14a8629c480d385dae1a05b892bcb004b2b29f5d51
96f60d5c0254f5a97e5cf2994dce4f7e2739c22b62672e62c720f0635415e9f1
99564a929c901621d6f9a0bd189639172aa1906d065edfc83b9acf2e6d5d12e2
9bfb7c0f7bcde6a3a2b77ce814a65902257e36a0fd18c08958d53a710a5af9b0
9e9c5f1c0a361dc70ffc23bb9441a3c757d6b9ba1c144e4f589a314ad7bd3a81
9e9e9195ff15c9ab7224d8dc4fbf10a78177cbfbb35d0e70c3b1f92926c69d33
9ee15bbcde575d4980bc0d189e2db157b392396cd1fb011b86460f59fbe7cab7
9fe891473d8d6ac3f24c5c3d2a6774cdcbe8ed90628d84140c6bc9257a3049f6
a00ad9ffd47141673d80b0c22c589d7dbe5efbeb5bb3684737a0430151b5b4f3
a1fbf298ab4249b1a9ac37952802b74185e2de270766331fbc109566294014be
a2f7f719c5116382bb1df2e95ed86098299b38527249f8210af3be3c97d67665
a3233f8b863056161dbba3fbbc73c2e0c04e54923d5242609ea974e6a6e61cc4
a3c8df88194cf6b263f9c9d07ccecd38f854699b882a0962416f1285871be542
a3fa623f9948421bbde93fd42e2b14c5fa26e4b383bd4ab641d3c464d5fd16e4
a5ca9fc5e9069fc54c8d234a46eedd660ea4c501a12b4e0c0e1e76277427bb1c
a7ee0335577160abed158601afd142953d5d5a7003c090afc82a0543f4b7cec0
a980eeb859861d1ee6f7482f0e17df6ad2b863c6136edf222940752487fe6a08
aa56b6e91349e5a4ec23ec116b233aea77368d19e30890a907769322b299d9f9
ac7fe2e173a9dd5774d4afeb1ccbc7651daf2cb8b418e3a2d3690c7023e3b220
ad9ae769555a6ecea6732caedb283ad2891764954542e781f9d4e720277f2a5b
ae8982a0a7a70260e1e1812ded0d5f6fe6c7a73b7e26a308aa846f844e093ff2
b11d1f4ebd65dfc7278dd8609207835fd9515af6225776140fe971635dc10ba9
b13e5b68614541ae67b4b12733ca77cf5b94b0b887c08820c470bc46bffef14f
b3536a5828f4a36892866d326400cc153da7e86199b3277d9313982ca905f695
b54c4bd96e4991d236f7b4776f31cace5f3d479c0cbe75f811e7c1082f50ff5d
b56d99686ad5e375e1d3a301b884f837a6ea0a7d03cc744994f5089baa5269d0
b5d81caf518ff0554ec211e33c639f908942c46ae57bb117e9733fa6937b514b
b5ebc06db28da4ba4f354dd146c138af58622a03bbbf884c22c7c09db08fb65f
bd99e2c100abe549a04fc937e7087a37d152ead222494e560618a34edda8cc7a
c1b8bacb41b0c1812dda29921c2d28b783592932f731a7b8be9eb557d87926d0
c2a332d6aa89b634f4d90cb3af077b1aa112c5e5bb136e2bc3e4a1ae6d597ba7
c4e44ed193bbeb101dad5f8cf7cfb37c22278c018b0125ee005680fbd0a62c1e
c6c1dc5156292c01b7f9bd9f5efeb5be0bb86d5ffb9ef97ceb4a86b4a9383225
c79846a535029361b34983a93c7bd2e5826224dad5aa7b9d35a09b38ca04b8a4
cba564b2110438cb9e3325c5f934819625adf3393a922d0333dcbf78eeab9522
d01f39d2e0785692bda5bc39adcd2b322978b4c74512a73cca1433409eba91ca
d1b631d47da0320afbcf89ee2d832218e92edf73e3847dd828c37768f9602f9f
d2c826a10e237978437ae361df99ea3158f2b0a4d2548e1bf4b91ce14024a86b
d34cb4a068a555feb82c6f9c62c90e534bd33c8d8145c6a3f60c79967a73d173
dd5efd6a06852c6e9845fd6295fc3b14cc1fe27684fbc649155206e3fce52852
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfde1f642d858aab35f068823d916c4eedc6b3ec0302ef59a421305932152b87
e0051913dbf93613c3474174f5f0c83d395cc532e2d070d998d8faecf0f9f487
e164dfb9bec8ff2337a09bd27a2274e8e43fa6a150c926081ce576fc66b97167
e1b34bc91b851016219b349ad6731287edd8a672a397270649ce7e0182bb124c
e33c5f741b39c67dec321e7414b6074a5d6ae7532a30739e67f64d78761ccadd
e382cc72e6c4d72a984d73f6a36833d1d720d2f71c824a403f7ab53e44bba7a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48e2f4745beb447ec59900202da3cab6684af0b9daa3631dfeac57166358698
e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149
ea10c9828b6a5abe99347587b410aa16dbad7ea044aa07284c88a06b5bcdad6f
ef3126465166728369e668d99516a95e58e6f9cee7e6967cdad2c187490a75d1
f544d00cdddbeb889ed4b9229e2398b0b3c4cbd7918e80883ba748e73e9885b6
f591592c03766061aa25e095949d306c55743c6db3c2019a252926ee8810965d
fb78f14ef94c36574fef2c68ad4674d9bb6ee7446ccfeac1ce95df99815b0054
fe7e966e732e9a1fa9166e283aef4e1752145da296a28b0f8b6c21daaab4912f
febd7c6eb7796742b9e031038233f919cc7e6b7ae2b734513c97cbb346f7daa7

www.gfkaqs.xyz Open in urlscan Pro 172.67.202.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

75 %HTTPS

23 %IPv6

14 Domains

14 Subdomains

14 IPs

5 Countries

9618 kBTransfer

14550 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 30 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gfkaqs.xyz Open in urlscan Pro
172.67.202.245 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

75 %
HTTPS

23 %
IPv6

14
Domains

14
Subdomains

14
IPs

5
Countries

9618 kB
Transfer

14550 kB
Size

15
Cookies

118 HTTP transactions
30 data transactions