Submitted URL: https://r345f.shop/
Effective URL: https://www.r345f.shop/
Submission: On October 02 via api from JP — Scanned from JP

Summary

This website contacted 13 IPs in 7 countries across 13 domains to perform 132 HTTP transactions. The main IP is 185.162.229.2, located in Armenia and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.r345f.shop.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time www.r345f.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 58 185.162.229.2 209242 (CLOUDFLAR...)
1 185.162.229.3 209242 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.198.3 15169 (GOOGLE)
1 104.18.27.46 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
1 23.62.20.111 20940 (AKAMAI-ASN1)
12 185.162.228.37 209242 (CLOUDFLAR...)
3 23.50.118.172 20940 (AKAMAI-ASN1)
2 2620:1ec:bdf::46 8075 (MICROSOFT...)
2 2404:6800:400... 15169 (GOOGLE)
29 185.162.228.4 209242 (CLOUDFLAR...)
132 13
Apex Domain
Subdomains
Transfer
58 r345f.shop
r345f.shop
www.r345f.shop
rgs-je-clientapi.r345f.shop Failed
2 MB
29 deimosphobos.net
statistics.deimosphobos.net
51 KB
12 hogoxiyfctcdpjbu.com
go.cms.hogoxiyfctcdpjbu.com — Cisco Umbrella Rank: 619764
cms.hogoxiyfctcdpjbu.com — Cisco Umbrella Rank: 586762 Failed
80 KB
4 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 6020
api.livechatinc.com — Cisco Umbrella Rank: 5752
secure.livechatinc.com Failed
34 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
277 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
2 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 715
c.clarity.ms — Cisco Umbrella Rank: 1434 Failed
d.clarity.ms Failed
28 KB
2 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1380
2 KB
1 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 56229
1 gstatic.com
www.gstatic.com
217 KB
1 fjykjczttspydxcx.com
geoapi.fjykjczttspydxcx.com
845 B
0 curacao-egaming.com Failed
verification.curacao-egaming.com Failed
0 withgoogle.com Failed
csp.withgoogle.com Failed
132 13
Domain Requested by
57 www.r345f.shop www.r345f.shop
29 statistics.deimosphobos.net
9 cms.hogoxiyfctcdpjbu.com
3 api.livechatinc.com cdn.livechatinc.com
3 go.cms.hogoxiyfctcdpjbu.com www.r345f.shop
3 www.googletagmanager.com www.r345f.shop
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
2 www.clarity.ms www.r345f.shop
www.clarity.ms
2 www.recaptcha.net www.r345f.shop
www.gstatic.com
1 cdn.livechatinc.com www.r345f.shop
1 verify.walletconnect.com www.r345f.shop
1 www.gstatic.com www.recaptcha.net
1 geoapi.fjykjczttspydxcx.com www.r345f.shop
1 r345f.shop 1 redirects
0 secure.livechatinc.com Failed cdn.livechatinc.com
0 d.clarity.ms Failed www.clarity.ms
0 c.clarity.ms Failed
0 rgs-je-clientapi.r345f.shop Failed www.r345f.shop
0 verification.curacao-egaming.com Failed
0 csp.withgoogle.com Failed
132 20
Subject Issuer Validity Valid
r345f.shop
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
fjykjczttspydxcx.com
WE1
2024-09-11 -
2024-12-10
3 months crt.sh
misc.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
walletconnect.com
WE1
2024-09-04 -
2024-12-03
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
livechat.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-10 -
2025-07-10
a year crt.sh
go.cms.hogoxiyfctcdpjbu.com
WE1
2024-09-11 -
2024-12-10
3 months crt.sh
hogoxiyfctcdpjbu.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
deimosphobos.net
Cloudflare Inc ECC CA-3
2024-01-09 -
2024-12-31
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.r345f.shop/
Frame ID: 08E9CF2BF33AC94EF25E3D9F7F2A4733
Requests: 133 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdHNLMiAAAAAN7XCvnN565O3LzegR9UWZWWcBp_&co=aHR0cHM6Ly93d3cucjM0NWYuc2hvcDo0NDM.&hl=ja&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y2ohyhtsgq56
Frame ID: 58BE3F7E502C3C6497910FEDF91E5DF1
Requests: 1 HTTP requests in this frame

Frame: https://verify.walletconnect.com/45f4062f4f6427f9e6eab952d2452b3c
Frame ID: 4FF1379285FECADDD405C956410C76AA
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=14748966&group=0&embedded=1&widget_version=3&unique_groups=1&use_parent_storage=1
Frame ID: 1093A34C2D96DE23464587A32BCAB865
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

بری بت | سایت پیش بینی ورزشی، شرط بندی و کازینو آنلاین

Page URL History Show full URLs

  1. https://r345f.shop/ HTTP 301
    https://www.r345f.shop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

132
Requests

86 %
HTTPS

33 %
IPv6

13
Domains

20
Subdomains

13
IPs

7
Countries

3218 kB
Transfer

7909 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r345f.shop/ HTTP 301
    https://www.r345f.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3AFB6D1B3D6D4A3DBCA945BDC79E1745&RedC=c.clarity.ms&MXFR=280F821160766D710B46971D6476636C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AFB6D1B3D6D4A3DBCA945BDC79E1745&MUID=21D0BB85C68467DC3914AE89C7766673

132 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.r345f.shop/
Redirect Chain
  • https://r345f.shop/
  • https://www.r345f.shop/
2 KB
1 KB
Document
General
Full URL
https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
411e0844cd1a2321458143204ea57bb0a1b15ec40ed98e5932977240b462a583

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
8cc46e2f8f8ce025-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 02 Oct 2024 11:42:41 GMT
expires
Wed, 02 Oct 2024 11:43:40 GMT
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sc8OSG%2Bmh9knKdB8IiGztWFY4kqneiVmB5n9idGodeGUqqFG64A8f23mb1d7zeD2EW54iqujDi5Lk2nfvgcpfrlHi9e139aC008cL7JeEJeLVAmxXvqkhAl9VHe4Eieeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8cc46e2ae95ae025-NRT
content-type
text/html
date
Wed, 02 Oct 2024 11:42:40 GMT
location
https://www.r345f.shop/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRR%2B5PxwOAOaKy6rhNOtDzaY%2Bw9eTFtvdQOnnlGgnMhmjZWWSo%2BlKIwZPpAeYfUTHjMiZ1E11B4sO%2Bd3lBm2gA3PzetZUfgF6IcyKVr%2Bd0BLsl26P%2Fh2sDfPF%2FzT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
www.r345f.shop/cdn-cgi/
128 B
458 B
Other
General
Full URL
https://www.r345f.shop/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlkRiaYe1bZx2fzU8fuuTjD0C2RG2%2FkhV9fxXaTgWGYBJKLh1bdOi0mGIakLL2jjjOJH2CSxjEygFh%2BsKPdMZS3ShHH7dn401YkcJIqop%2FUtAR7kJ9oLqICcaEMn313K2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bba2e025-NRT
access-control-allow-origin
https://www.r345f.shop
content-length
128
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
custom.css
www.r345f.shop/
1 KB
870 B
Stylesheet
General
Full URL
https://www.r345f.shop/custom.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a096dafb4800ac12d49d9bddd52cbd230caefb549dc48553bb31247b95569c0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d3c-4f8"
age
111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cc%2FeBducU4EIN7TPNeiEPcmUe%2B4MomFDQv4F16lyjkkEp86TfG7Du80GshWe8S8p9ZPEYl4DcBAleQCZM8Ma79b253j6GhjTOY6B6ETcOPzY5dZFOW8r8DY0Ol2KnC6WIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bba7e025-NRT
expires
Wed, 02 Oct 2024 12:40:49 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
index-91f1e5fc.js
www.r345f.shop/assets/
3 MB
816 KB
Script
General
Full URL
https://www.r345f.shop/assets/index-91f1e5fc.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
252b4401a69819bb8356bd0e518ef0a8df0d7876d2c324d0ebfe142bfbc56b0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-2ffe3f"
age
111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMkmnSIaU8epQXbEmlI4xHOZBj2xFbVQYqlKZ6drcsmeJaWUJDK%2FpLspyq5oUetrnvmWgC4taoshNYgSYcmHTrUKx7LKY8RvXBtFCXHg7mQBpE1oJzgIb098cAJiBxlAIA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bbabe025-NRT
expires
Wed, 02 Oct 2024 12:40:49 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
index-c36ed3ad.css
www.r345f.shop/assets/
1 MB
188 KB
Stylesheet
General
Full URL
https://www.r345f.shop/assets/index-c36ed3ad.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36ed3ad8fe4700eef3585f01f44f908f5375d7e581d3864085856e02a3012d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d44-118d4b"
age
111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4eC2RWbcrXI2RBafeehWXKoUfNILTFT0CeUAisZud8buEj8M4Y1pZ0I9KqO33m8RlQAz%2B0LNBsnu5W6cw%2BJ04Tdu9%2Fk6OmicoZw5X9zGrQnyodRjQ7YkEt10E4i8m%2BzR8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bba8e025-NRT
expires
Wed, 02 Oct 2024 12:40:49 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
firebase-messaging-sw.js
www.r345f.shop/
1 KB
854 B
Script
General
Full URL
https://www.r345f.shop/firebase-messaging-sw.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd2569e73e258055115d0ba4371301fdf011f610745f57306ba51ad1e2beba4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d3c-47d"
age
111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zonCFIQtWzT84fTR2ZgykUrvx3szska893hWefuGaZxDNMcOJpGcYmpxrf1LVwKwCF483kYlmialJqQRKvM9onVrgP8VzX2q5YM0oLuJVBxD5AsjfYGGNjGBXAiteh8rzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bbade025-NRT
expires
Wed, 02 Oct 2024 12:40:49 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
modernizr.js
www.r345f.shop/
5 KB
2 KB
Script
General
Full URL
https://www.r345f.shop/modernizr.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf201b939548f9965e255b521bfda79ee6225cb1b629d8c4d603973f117dfc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d3c-13ac"
age
111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gStvi2Yonl7uD1x3nqaw68Ndk1aYmiregcTTq20TUEcQlUOHz0JYyEgTDWS2CWsNLtYWy0Xa1vC3Ph7UY8Ib%2BcyGVqrv9wFWeD0k1QTIByZynwVFQI1IcVrs6QO%2BOlsLSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e32bbb0e025-NRT
expires
Wed, 02 Oct 2024 12:40:49 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
assets.json
www.r345f.shop/
108 B
450 B
XHR
General
Full URL
https://www.r345f.shop/assets.json?v=1727869200000
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f56bd154b5f9d0ba02b16236c938d3045d6027e0a6dd61a0c64f41eebc3c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-6c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ydeg7nfPCE%2FKDx0%2FH3BcQf%2BLU8P%2BUFqX1u%2FSA1r%2BxGyLFqeOjbpu3Cpk8bBUC6%2B7FeB%2BqXBYkJ0RlyudLIYfUkXMaPBUPAs4ReC33TyD55amv%2FazEaCUwmZ9bP4S%2FeymRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352e9fe025-NRT
expires
Wed, 02 Oct 2024 12:42:41 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
conf.json
www.r345f.shop/
17 KB
4 KB
XHR
General
Full URL
https://www.r345f.shop/conf.json?v=1727869200000
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
896d13354cc586db7bd7e861394672823b73e545d6909fa68a2dc0578b867851

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e7c257-440b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FHe%2F9uvqXDKu%2BDrtYv8W1lDzY1Xja%2Fzm6SOu14Cw3InM8zzdSdbZJt2gluhJEgpwK51wuwWt6B5VFTJEspkFURzXMG3MsAE37XvWTfvEg8%2BOxRSkXTwlDQJgB%2FZ02zLoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352ea1e025-NRT
expires
Wed, 02 Oct 2024 12:42:41 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/json
last-modified
Mon, 16 Sep 2024 05:29:59 GMT
server
cloudflare
localConf.json
www.r345f.shop/
4 KB
1 KB
XHR
General
Full URL
https://www.r345f.shop/localConf.json?v=1727869200000
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf07c56884952be62c3ddb1b25ee0e4806ee1b6f6c909c5a711613e621e2299

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-e05"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YVA%2BsA%2F9xx6E%2FoJ3dQOCEl%2B1QnonYtnbu8B1F6xUoEh13mwRrxD%2BZN408GuSJjwZbqumSXp3EvauWV1Ni3%2FI0aGdXs3MA5SW2uxytHrg2vE5rPM%2FgWRqdnjM2o4PpFq8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352ea2e025-NRT
expires
Wed, 02 Oct 2024 12:42:41 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
dynamicallyStructuredPages.json
www.r345f.shop/
731 B
551 B
XHR
General
Full URL
https://www.r345f.shop/dynamicallyStructuredPages.json?v=1727869200000
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea59e45480d6971c8837d8a9914344d1075a4721e048543f44f0011de476a406

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-2db"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wil0QzfFrKxVImcf5LoimehYRiVs%2Fk4NG4vOU4BLanADtXFeMVXiVyZTPaD0K4SvljyjQaoBpv3IR%2BdSXqGq37gIuNh5bv84sKr4A4UANOi33NwtKdZUqAvGbIAihF6FAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352ea6e025-NRT
expires
Wed, 02 Oct 2024 12:42:41 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
favicon.ico
www.r345f.shop/
4 KB
3 KB
Other
General
Full URL
https://www.r345f.shop/favicon.ico?version=1725996253917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9720390e2afe6b7d5adcd46f763e89c1fef9475f0ce7aaaf615d124283f23d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d3c-e3e"
age
123
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANiib%2Bc7o8c%2Bzu5AWXJDMs5%2BQuqMt8BMusw%2BM9%2FwExF2Gz4cDe2Ns%2FgU7TJPUD1pnF0YfG7U8EgUSaaqcwFbPrke79F2JtHaOKQlU%2BAo6t7C5UC8QJLfkSzAwLEhlVGRAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352eaae025-NRT
expires
Wed, 02 Oct 2024 12:40:38 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
loader.gif
www.r345f.shop/
69 KB
69 KB
XHR
General
Full URL
https://www.r345f.shop/loader.gif?v=1711872273
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62fe2f4b91c2bb3d80bdd9ddd4af8701802a1688a738cb70a8b309d93f9200e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d3c-112d4"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJ0XfP6TazTDF4MFYUW%2FB40W%2B6ymRCrdjNSVOYjH6INl%2FTM9pwH57qIDg%2FuclGLsPjq7SHbHGJM2H0C4fuS5DNa%2BYpgXCKSQF%2F2fW0pR%2BEqwLrofMKC5DMHAtFjSwIsiKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e36c8f6e025-NRT
expires
Wed, 02 Oct 2024 12:40:53 GMT
accept-ranges
bytes
content-length
70356
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
image/gif
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
69 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d62fe2f4b91c2bb3d80bdd9ddd4af8701802a1688a738cb70a8b309d93f9200e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
payments.json
www.r345f.shop/
21 KB
2 KB
XHR
General
Full URL
https://www.r345f.shop/payments.json?v=09/10/2024-23:24
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3de0b5fa1fd6d6c49d434e024a68ce25c97da1461281a5578409f66367496e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-530d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbhwQ8JtXFC1CjgV14aRIf2RhWvkE7Z0y4dHhk5%2BfaVRZ49las8u572%2F0kv44NQ5urCZlAUOMNMnSXGYmf6ILaZI0ZA9B4xf6GlTlZcLyJn6zhe82WGXRm6YlIctTjbJ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e39dd70e025-NRT
expires
Wed, 02 Oct 2024 12:42:42 GMT
date
Wed, 02 Oct 2024 11:42:42 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
/
geoapi.fjykjczttspydxcx.com/
207 B
845 B
Fetch
General
Full URL
https://geoapi.fjykjczttspydxcx.com/?type=json
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.3 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
6e2741f974290f32334edd8dee95fd28ac67a953b1829d5eb9282048259d50da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yz3qM1Y32woFJrTviFJooBWeMnyPQ55RCLZRyhwMZCg4UBVWbn8u0%2Fgm3QKKoeQnmWxbca5ecxcBbss4oRjheHHtMUxiMTF2v317IIgLpSEuWB7VC2CWkEcO2wr9dw9kGhg%2BuiklYM5P70gt6Gc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e3d5846e38c-NRT
access-control-allow-origin
*
date
Wed, 02 Oct 2024 11:42:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
server
cloudflare
fas.json
www.r345f.shop/translations/
142 KB
41 KB
XHR
General
Full URL
https://www.r345f.shop/translations/fas.json?v=1727869200000
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a00f0c6a959c5bc4748a5c314eb08b99d01f0f513d602599d8174e6e0a63d84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66fa6259-239a1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hksBot6fVmA%2FXcCwtJq%2Bc6v8z38pVz1Cpkafxw2%2Bs8KrzSkVFLr16UCQrKjcxvWbzBeaGU1f7OAhhSRPzuAA37%2F8aTmOtWeme%2B83fZjQfJufUnRrSM4Rk2IGHgmkKMoohA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e40add0e025-NRT
expires
Wed, 02 Oct 2024 12:42:43 GMT
date
Wed, 02 Oct 2024 11:42:43 GMT
content-type
application/json
last-modified
Mon, 30 Sep 2024 08:33:29 GMT
server
cloudflare
fa-be90e85a.js
www.r345f.shop/assets/
2 KB
1 KB
Script
General
Full URL
https://www.r345f.shop/assets/fa-be90e85a.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed58e4ce36de9bcb3af8ab717f92c257ca1a19fe4940c48525f6dc5273af5a9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/assets/index-91f1e5fc.js

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-7ec"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6m%2FBePK5GFGHqV00W9hBoyCp7kLyPvb1hKfpDlMZvpGRrWNFxacjdbXCOdNqrhRFZ0XZHpxLptg2uLmM2O2fcrWv7iTCmoluN%2BbcUmwnJXXIlQoao%2BK0H32t0waNg1FnpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e40add7e025-NRT
expires
Wed, 02 Oct 2024 12:40:54 GMT
date
Wed, 02 Oct 2024 11:42:43 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
api.js
www.recaptcha.net/recaptcha/
2 KB
2 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LdHNLMiAAAAAN7XCvnN565O3LzegR9UWZWWcBp_
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c04::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c606015839ec0599769d00aabd0416ed84207f1f8df4bb9fc2eb6a3db38b54c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 11:42:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 02 Oct 2024 11:42:43 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__ja.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
543 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__ja.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LdHNLMiAAAAAN7XCvnN565O3LzegR9UWZWWcBp_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
sffe /
Resource Hash
81ac039a59b8835cce828ae65720c352e004970974421d35f776dc1a2c4488e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/

Response headers

content-encoding
gzip
age
520655
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 11:05:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:05:08 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221841
x-xss-protection
0
server
sffe
anchor
www.recaptcha.net/recaptcha/api2/ Frame 58BE
0
0
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdHNLMiAAAAAN7XCvnN565O3LzegR9UWZWWcBp_&co=aHR0cHM6Ly93d3cucjM0NWYuc2hvcDo0NDM.&hl=ja&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y2ohyhtsgq56
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__ja.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c04::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6wEuemdAQvPr1cmK8arprQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.r345f.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6wEuemdAQvPr1cmK8arprQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-security-policy-report-only
frame-ancestors 'self';report-uri https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Oct 2024 11:42:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
38fac9d5b82543fc4729580d18ff2d3d
csp.withgoogle.com/csp/frame-ancestors/
0
0

index.es-9e658d5d.js
www.r345f.shop/assets/
281 KB
78 KB
Script
General
Full URL
https://www.r345f.shop/assets/index.es-9e658d5d.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8f9daf7ccea8d504375d40cd1af246b5bf001b0d236c0c8a2629c92f36ceed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-465a3"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvcccWVTaKFuCS4qRkL3JQGZG5Oal%2BRmFiZKpt42bt20SJVrtJBfmmI0Ra4HPITFDU2uk8XxBrXRDudYQLRvHOCo7a58esTXDeh2%2BO6uufIPaZYXchfFvk5GUmjG3Yo5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e46bdc2e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
events-bec5aaf5.js
www.r345f.shop/assets/
6 KB
2 KB
Script
General
Full URL
https://www.r345f.shop/assets/events-bec5aaf5.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e38c79144bf158338f3dd217c9a94764b7c3d34de053472919d4a0e75558cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-17fd"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lYYujF3PrMIVMm%2F52y%2B2VYDk3TiOrj6TGxP7sjuA4CsIUVa2uWjbE7AHwLuH%2BB0%2FSPPoa%2F0BdmOzv48nqXoL0sGRSdfjTbdoTEnBoVB0po4CTneEyuorx7oOH9vI6%2Ft4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e46bdc4e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
header_menu_18750767_fas.json
www.r345f.shop/menus/
7 KB
1 KB
XHR
General
Full URL
https://www.r345f.shop/menus/header_menu_18750767_fas.json
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8e78229d4d3408209554be9ff57c906b72b03f503d72156e91cff212c6a824

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-1ce7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DB0yab8h8xi4SRIa1eMJKSXZMkKqW9VHX1RdCXnfqlTHJmAQu5YjKNEON0TF8lqDxQi4MYfqyGOdGU2Gkyd76v1UNFUHz7wy07d4mEhotm%2Ft82Ktn4F5mjx%2FdwLV9mNItw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e46cdcee025-NRT
expires
Wed, 02 Oct 2024 12:42:44 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
app_menu_18750767_fas.json
www.r345f.shop/menus/
3 KB
870 B
XHR
General
Full URL
https://www.r345f.shop/menus/app_menu_18750767_fas.json
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f112c1bbe578c1ac80a5fa96ac11ea7d1b4c05cf6779acb5c5ab95f22cddc0ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-ce5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcEd9rGoWmL6bFOmIoyWpmuDsltqV363XcJWld8SAK1YNT6r%2B%2B9KhhRz9SMVMJM3taZIXiPZLfI339UUkd3Mv9MARIwCq1EFbW4h3Z4K4WbnLz8QSDS81vg85hiTFeVnsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e46cdd0e025-NRT
expires
Wed, 02 Oct 2024 12:42:44 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
footer_menu_18750767_fas.json
www.r345f.shop/menus/
18 KB
2 KB
XHR
General
Full URL
https://www.r345f.shop/menus/footer_menu_18750767_fas.json
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfbdcc07532ddb853e5968113c966717fdafe8fd1c826cd2120cc79bb1daca8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66f12935-4896"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSecAANrBHG1dElzHdB7H3POdyJVYNUfRhVEUwNseL2nkqTwiPOe95ZQoPDX98s6TAe9%2FqILo4V%2Bdxoxvh18EUBMs9JzE%2Bwg9KOll8%2B%2BEOUP8duNvessnSEdcMmrRZG3Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e46cdd6e025-NRT
expires
Wed, 02 Oct 2024 12:42:44 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/json
last-modified
Mon, 23 Sep 2024 08:39:17 GMT
server
cloudflare
45f4062f4f6427f9e6eab952d2452b3c
verify.walletconnect.com/ Frame 4FF1
0
0
Document
General
Full URL
https://verify.walletconnect.com/45f4062f4f6427f9e6eab952d2452b3c
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index.es-9e658d5d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.r345f.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=900
cf-ray
8cc46e491f27d79c-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 02 Oct 2024 11:42:44 GMT
server
cloudflare
vary
Accept-Encoding
Firebase-ffb0612b.js
www.r345f.shop/assets/
82 KB
15 KB
Script
General
Full URL
https://www.r345f.shop/assets/Firebase-ffb0612b.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb2105b066960c055c2a6438ea5910aa4b291bbff312652e8b499a502eb11d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/assets/index-91f1e5fc.js

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-1497b"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kzfjor%2Fx7y4QTdUohAxYVsZxMY6H2xi98DwDhM6n0RIL7kY6k5X3XArYEHr%2F6sClqDmyAJyQ6BhduZyxZHzrylgaERlGF%2BR6lHEtUOnaWhXS0uq9Eya5gleyCKXrNsClYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a0a5ce025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
NotificationsButton-f213ca56.js
www.r345f.shop/assets/
531 B
639 B
Script
General
Full URL
https://www.r345f.shop/assets/NotificationsButton-f213ca56.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b863b15fced130c16781bd7c8a36106bffaf9d6a7202a75e7a3260c3ab24eac0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-213"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRMAFCbVgLIRDv5CJbdSoRf4zfDTGTfSuSlPvIlWRFhh103YE5L2J0SQbe7Nk6ZkTwHZPzAkGD8mW5FP0R2CxkcG8LASuWq50n2l7jpNGBMYsss%2B9dSm7%2Baw4sxPAU41Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a3a93e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
withPanelButton-eb2fa097.js
www.r345f.shop/assets/
1 KB
828 B
Script
General
Full URL
https://www.r345f.shop/assets/withPanelButton-eb2fa097.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c1d848df8f9c3fa79c218a86d7135a057d84574f63c19e2f4b756809063336

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-430"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXOK%2FtKCxlRNLDD4RJwXu3g3oOcbmdmYdHQpNMfQEk6tJQ28fUu6TToRifbQaqpnXxWNmhg2WP4vJMCRO3Rh9qJFm3rchnVxsRkXQvc5nWNTJzXhzCQDSmP%2FCdzmQPhY2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a3a97e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteGamesButton-1f6623fb.js
www.r345f.shop/assets/
400 B
613 B
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteGamesButton-1f6623fb.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a74eee713250dc6633daaba0457824a5227eb9082a194572ead4a8277130aed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-190"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgCpqcrk%2FdqRGXHHF8dg5Mmfx5K3M%2FYGhsy%2FNO%2B6omaUfmRBGdEIHbfWCQvse7FfymnlFqg71fr8G6XMqHWseau3ZM7E%2BOMW4q5uM7Sm3LMDn3wjVeAvzPLxitcXXKtOiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a3a99e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
AppSettingsButton-87e068d5.js
www.r345f.shop/assets/
358 B
684 B
Script
General
Full URL
https://www.r345f.shop/assets/AppSettingsButton-87e068d5.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee57c662a95b909b58d882bc8acc075895104af2d4c489f74c0d3d489f92198e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-166"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5h2GpRWxvzUZNjhZXLwHwKx2J922LbosKM4kckLNTBb2zrVHSA%2FZEdHU3qVTKnn7H0Vm57MZ%2Bhdnm%2FnP0Eo%2Fq%2FF9wC3BxCTNCox12rPpNhYLl7R5rg8GEgm3bKKdLofkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a3a9ee025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
BetslipButton-f60f2a10.js
www.r345f.shop/assets/
391 B
574 B
Script
General
Full URL
https://www.r345f.shop/assets/BetslipButton-f60f2a10.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ea247dfaf1eaab2293bcbca5282be85ccdcc5c7f04952fe6975e295daad39e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-187"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTs04EzbqwWgIj8JKJkyzVMfQYQyvGLmC1s%2B3VEGwWJSORZuQ8GKqPJHMWIYRbbrF2In%2FyzuHDa%2BrtRZyfTOf75XSMsllCGLA6boIYLH95k2rvDo1rzdt%2BYCpq2oTjnNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a3a9fe025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
Home-b79d83b3.js
www.r345f.shop/assets/
638 B
694 B
Script
General
Full URL
https://www.r345f.shop/assets/Home-b79d83b3.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c706c22a32630164260bcd4f542c142ec8ba4c11dd7d2076b706d52c0ec0eeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-27e"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hfs6CQwmoKV5ALhP13wqrM0H1O8fiPB%2BdZPhrbuYPYH1AQjTywYGaK312alcVBhKN0q0DZ%2BonBtkTM2JSTFlotyt3zkbfQQ8Q9aFtSL99luEmCixrYXWo5xB5SBaeF72kg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a4aafe025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
Home-e5d09089.css
www.r345f.shop/assets/
353 B
452 B
Stylesheet
General
Full URL
https://www.r345f.shop/assets/Home-e5d09089.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d090890f093b7791c549b3ff3f6d1b5b3905cdc547385975a4a76d84768ee4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-161"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcIicsw0QVHb0wNRk33NxUikkH69gBwkOvmqG9XnG3VLnEyMS5XNdhMInuFbk%2F87JpU%2BfgQ0IaWwUjaODhX2%2BuQP6rvPEKNjBlecaqyogR2qnFTRaOAtwwNYQUamKEyKSg%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8cc46e4a4aade025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
header.json
www.r345f.shop/
2 B
465 B
XHR
General
Full URL
https://www.r345f.shop/header.json?v=09/10/2024-23:24
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"66e09d3c-2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXUsmoPUZY6JfClg8EG7rzwd%2FgG4MlhgYlZK9JCl3zm1NLsp%2Fu7xqL7joEz8RAIZYZ2wk4owsYxEhfTy8B5wIcNIi%2BR0WM%2BmEswf5UTy4gySlwE65yLf7YD997U2tE%2FF4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4a5ac9e025-NRT
expires
Wed, 02 Oct 2024 12:42:44 GMT
accept-ranges
bytes
content-length
2
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
flags-1d9ff867.png
www.r345f.shop/assets/
409 KB
410 KB
Image
General
Full URL
https://www.r345f.shop/assets/flags-1d9ff867.png?v=279
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-c36ed3ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9ff867ae65d7439d1e0fe3132c884175bc82ee12e5e02083f75fda3c54f59b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/assets/index-c36ed3ad.css

Response headers

cf-cache-status
HIT
etag
"66e09d44-66507"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0My0%2FE86gGl%2Bh0YL%2BKYfkzJ8TZYXl2CS7P%2BUTy%2BoSnQsY86UG3XgM8I6A38ihuU9FkUAEBu%2FXaLYcMxhJFFbGymnMJ%2BE%2Fcv72ceNvI3GHkwjlntr1m34KqDYryeCbLURQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 02 Oct 2024 12:40:55 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8cc46e4a5acee025-NRT
accept-ranges
bytes
content-length
419079
server
cloudflare
BetConstruct-Icons-95573c81.ttf
www.r345f.shop/assets/
579 KB
580 KB
Font
General
Full URL
https://www.r345f.shop/assets/BetConstruct-Icons-95573c81.ttf?d2q5hf
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-c36ed3ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95573c8185fc140a948ee5badce0966026b6cea667b889ea43c4c75675574a6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/assets/index-c36ed3ad.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d44-90b8c"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNRy0u%2B2rSQL1Kn3Q16ON01yMd8%2F2LDVFtvVJgPcbrsZ5p67Ed3sZxm5XjF%2FltAmctke0N8%2BWI69%2BZQ93Mprkd%2F85UToV8tzJgpSOkLX23Tzp8txJ6CvyCfwYRhS6aVeuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4aab29e025-NRT
expires
Wed, 02 Oct 2024 12:40:55 GMT
accept-ranges
bytes
content-length
592780
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/octet-stream
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
IRAN_SemiBold.woff2
www.r345f.shop/fonts/farsi/
30 KB
30 KB
Font
General
Full URL
https://www.r345f.shop/fonts/farsi/IRAN_SemiBold.woff2?v=51
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-c36ed3ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dae6431c9ff3b2b2fd73ca9b1ee44cfa6d00eb9d862e98dada885fac649a7f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/assets/index-c36ed3ad.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d3c-77d8"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isKN5KJdUMZKOXZifloP4RIiYQYPUK0R9M%2Fy0eYWXHQQX6l7DKyh6H35wZM2%2BWArtYKHjJfY8tJVbqVCNZ85%2BqbXWlgjFJ1lGbjgd1OGFv%2BSglslZtp6%2Fv7xI0FHlalMDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4aab2ae025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
accept-ranges
bytes
content-length
30680
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
font/woff2
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
316 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1JWLHHGW3B
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c9604ff4949359d776643d944fa22acb5abc4a6e052456b9a8f1ebcbab4dbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 02 Oct 2024 11:42:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106545
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DVV4PRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdcfc098e2d6ac01ff31351c9f5ec4b9cc7b68b5a8dc28973df615de630a3cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 02 Oct 2024 11:42:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 02 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
69165
x-xss-protection
0
server
Google Tag Manager
tracking.js
cdn.livechatinc.com/
84 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.111 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-111.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2e4dc349e8974085793b5fcdc37711a846d4931b892dfe8da51a889ddf355ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

content-encoding
br
etag
W/"3d4bb010914ddfc86d242ea7c4d148ed"
x-amz-version-id
x3fW3B6Ouq4MA17HnjNlkzwdcapOc6L.
expires
Wed, 02 Oct 2024 19:42:44 GMT
x-amz-cf-id
aBkJwJkjEnTwWsIs0iIJtEDbW7MN2ggZKx0RvMRwbw4B-7KOLtaG5Q==
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 01 Oct 2024 16:37:15 GMT
vary
Accept-Encoding
cache-control
max-age=28800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
27101
x-amz-cf-pop
NRT20-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
seo
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/
12 KB
0
XHR
General
Full URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/seo?platform=0&country=JP
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=600
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8cc46e4b1a943c05-NRT
access-control-allow-origin
*
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/json
vary
Origin
server
cloudflare
popups
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/
49 B
337 B
XHR
General
Full URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/popups?type=per_page&platform=0&country=JP
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eae6bca13b339eb6ecdf941c29ee842a5788b210f695a10907dccf0435bdc8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
max-age=600
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8cc46e4b1a923c05-NRT
access-control-allow-origin
*
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/json
vary
Origin
server
cloudflare
logo.svg
www.r345f.shop/
8 KB
3 KB
Image
General
Full URL
https://www.r345f.shop/logo.svg?v=1711872273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e31dfd3522cdd5dcbf53ec53825a924fcf091e252425e8d8cfeb0bd6b3e2f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d3c-1f0e"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvBiU9tX7hZA2fbot7AJH%2Fju7MP8qWw10tzel7Q0JjaScBgDUemIWyEAUiXGasorqe6laLt3X8ye4GgpWEtKtzZqiH%2B%2F6vuZk41eRuSNBlCf5Yjrxe3zK181%2FvpHbrnc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4aab26e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
validate.ashx
verification.curacao-egaming.com/
0
0

16203.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/default/
0
0

16439.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/default/
0
0

16440.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/default/
0
0

10966.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
17 KB
17 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/10966.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66190f374fbbf41726120bb5ae87c75e04afd624f6791c14fbacb2ab0d549f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae30dd-4526"
age
3384
cf-ray
8cc46e4addf0f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
17702
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:09:49 GMT
vary
Accept-Encoding
server
cloudflare
7225.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
8 KB
8 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/7225.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f4e36ff162eea67739b3e3b88821b94ab44e5d86a7f615b642bf6907af30c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae30ad-1e9e"
age
1498
cf-ray
8cc46e4addf1f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7838
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:09:01 GMT
vary
Accept-Encoding
server
cloudflare
11693.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
6 KB
6 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/11693.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f891c418268368ae42ef9a20cd87c4c03753c0798a35e120c2becddb3391f60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae30d3-1988"
cf-ray
8cc46e4addf4f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
6536
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:09:39 GMT
vary
Accept-Encoding
server
cloudflare
994.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
8 KB
8 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/994.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
111363133ec56559344ff9d384620cc90b4a17148a4ab5065e2c05310990121c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae3108-1f81"
age
621
cf-ray
8cc46e4aedf5f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
8065
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:10:32 GMT
vary
Accept-Encoding
server
cloudflare
10423.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
3 KB
3 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/10423.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
225a51c6b00023eb63533cf82f66f0ff3aa267aeca344f7abadddfd02ff60951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65a91c77-d22"
cf-ray
8cc46e4aedf7f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3362
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Thu, 18 Jan 2024 12:41:27 GMT
vary
Accept-Encoding
server
cloudflare
141.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
8 KB
8 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/141.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c722db549a22aa9c8ab83e79d24da05e0a6fbabbe8d54d6d4b922e9e511f680a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae30f1-1ee3"
age
2173
cf-ray
8cc46e4aedf8f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7907
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:10:09 GMT
vary
Accept-Encoding
server
cloudflare
5159.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
10 KB
10 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/5159.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b815682fa1315bb0439a31a544d796a1389787961e0085f7f4db70969d0d0461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae3125-2868"
age
2173
cf-ray
8cc46e4aedf9f5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10344
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:11:01 GMT
vary
Accept-Encoding
server
cloudflare
13854.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
8 KB
8 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/13854.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f4e36ff162eea67739b3e3b88821b94ab44e5d86a7f615b642bf6907af30c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae3089-1e9e"
age
620
cf-ray
8cc46e4aedfaf5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7838
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:08:25 GMT
vary
Accept-Encoding
server
cloudflare
13502.png
cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/
8 KB
8 KB
Image
General
Full URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/custom/18750767/13502.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f4e36ff162eea67739b3e3b88821b94ab44e5d86a7f615b642bf6907af30c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"65ae3119-1e9e"
age
3022
cf-ray
8cc46e4aedfbf5ed-NRT
expires
Wed, 02 Oct 2024 15:42:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7838
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
image/png
last-modified
Mon, 22 Jan 2024 09:10:49 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
www.r345f.shop/
4 KB
0
Other
General
Full URL
https://www.r345f.shop/favicon.ico?version=1725996253917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9720390e2afe6b7d5adcd46f763e89c1fef9475f0ce7aaaf615d124283f23d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d3c-e3e"
age
123
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANiib%2Bc7o8c%2Bzu5AWXJDMs5%2BQuqMt8BMusw%2BM9%2FwExF2Gz4cDe2Ns%2FgU7TJPUD1pnF0YfG7U8EgUSaaqcwFbPrke79F2JtHaOKQlU%2BAo6t7C5UC8QJLfkSzAwLEhlVGRAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e352eaae025-NRT
expires
Wed, 02 Oct 2024 12:40:38 GMT
date
Wed, 02 Oct 2024 11:42:41 GMT
content-type
image/x-icon
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
homepage.json
www.r345f.shop/
2 KB
753 B
XHR
General
Full URL
https://www.r345f.shop/homepage.json?v=09/10/2024-23:24
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1b2ba5b3f88e08bcdee162c2819de01ec969129697cb8fe603e0407dfae40a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"66e09d3c-7ca"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J79Fxjtnnk8WWktDhwZQJHQk7jg7eNAikP3vHkbza%2FtP%2BLHiBVjZIlDgYoa79T0YVke5X4IJI8r4Qqz7pIOmqGafsi7q72pu3hKiTpElKpmaRlZQU7CdLWhMwbX0P9JdKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4aeb6ce025-NRT
expires
Wed, 02 Oct 2024 12:42:45 GMT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/json
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
server
cloudflare
index-64a1dbea.js
www.r345f.shop/assets/
173 B
412 B
Script
General
Full URL
https://www.r345f.shop/assets/index-64a1dbea.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f6fe767047cc943600c3b0d194383084d0536fcace25250252d73104fd2529

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-ad"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkcDZ1VX92UoTl2Ym%2BruQ29C69uH1VfQbrvbUT%2BU%2BmwmPeVsLQfWbHoBnd1IIaRAS4HmxCnVLNb6%2B3nOC1QBq%2Bckkd5w9XMc0YbKgsm5DnFQCwuMSDuHAxF4q6zlVhKfRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb88e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
Notifications-f70caa9a.js
www.r345f.shop/assets/
2 KB
2 KB
Script
General
Full URL
https://www.r345f.shop/assets/Notifications-f70caa9a.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6316b4be973fa24310a11cf63661443d61a5f2030363d6b664cd1893b443805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-914"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2lR6venVXVrqrR21o%2Bcm9OwC29B6qJkZHTMguG7LbWE46ea24Sby0eZ6EPVTQ7zQbtd3SnTrTXI%2BDzFOZWyZuVDC86uHJiOMd9Xhu5s7EOtYqDkrpZclqsbJ%2FtWXt0xTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb8ae025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
orderBy-6bd3cbef.js
www.r345f.shop/assets/
147 B
447 B
Script
General
Full URL
https://www.r345f.shop/assets/orderBy-6bd3cbef.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd48e3ab0cfbb133c1eba3e595b0117b1120684b2572516d4e12abbf611bf7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-93"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=beaUUaDC7%2BEBQBuK3DR4muvOdTnQ0LID7gYdJavymnLTreUvI9dPItUmEPiQHKYnSEOxhrOSp3dvq%2BUAyqqq4woqnNP1a9H2tU%2BuoWH2doKMfjt%2BM3xCR0glup7KNJm4ug%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb8be025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
NotificationItem-c15065fa.js
www.r345f.shop/assets/
704 B
678 B
Script
General
Full URL
https://www.r345f.shop/assets/NotificationItem-c15065fa.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9714013a462f1da5d78e40e7f596a2929f9dbd90b74af6cff52d84f87f346f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-2c0"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtrLkB4FNAEpCICgaApMc3CtTOwSqhfI7sYvPhwgR4SUg63ITEDiE%2FKGWGNO7Rul7iREoG0D0z%2FSWlPL65ybL1l%2FYpiI5GF1stDP5HfP%2B%2F1Y7W1VI3AHV6UAVKnzhg3Rzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb8ce025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
Notifications-01d1c56a.css
www.r345f.shop/assets/
935 B
691 B
Stylesheet
General
Full URL
https://www.r345f.shop/assets/Notifications-01d1c56a.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d1c56ad9b312963af471e570ea9de176d0625b9f0eb1bebb0e5871daf7ac95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d44-3a7"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjOnMWm1CjO42OwAHLn2e1tl67dH4mZhRD8a8Zy53HKt%2FsAKg%2FofiwtYjxRg%2BVoRFldtWtKHNl09qGyKl6YjsWQZ6aH5KYeM%2FtHbQ1o%2F5usvrDwivu0EJHjSm9rgCK0PRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb86e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteGamesContent-f0fba10a.js
www.r345f.shop/assets/
1 KB
979 B
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteGamesContent-f0fba10a.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59e2d5314d7bd0b712003d1b613c1400b8c993db9036182566ca4ee4458ab39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-5ca"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOkJ6gxetS5H5TGR223Ku%2FyfOa4F4IQQqAYhzgpajmyL%2FaNQpyM0CWfVE1kEMc%2FQFqZ%2FLtDctteMqW%2BG641i8NA4olbhCR%2Bpc5%2BvHNPzpZejNg9hogu2UGAPQ2WJd783pg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb92e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteCasinoGames-d25a99a8.js
www.r345f.shop/assets/
1 KB
1 KB
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteCasinoGames-d25a99a8.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f97ba8c3d7f73dd632abc2716a53486241b4d8531a18981e3d8371648ab4bf9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-4cb"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwkLHuHCg3Z5x1AqXtDBShT7AdIaKH%2BuxdkbQbiT2hlDeQDSKSgCRo1HI5RoJo6atKWVsTus5SolYhrVnFRu7TQsw9XOzPk5Mkkz3ZjuyHNUj%2FU%2F0bb7eqx1mtEBEdwv0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb93e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteGamesSportContent-b3b88f24.js
www.r345f.shop/assets/
765 B
676 B
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteGamesSportContent-b3b88f24.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
849e8ccd5b4b941844d493c2ed8098df7a22830a487bead62cff126d4ba4b47c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-2fd"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r2YmWO1J4PZ95Vv05uaIzCkPKSKLDsDSUBI%2Fu8y5ehMzfIhdI4F7s0WzONxl2FktHLyerJE%2FKnt6w5JfLnGnbpdkpVCCMHKOuYvv4z6hATg3klqm0qdy5hB3v7lxrgUWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb94e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteSportCompetitions-c7a9bd91.js
www.r345f.shop/assets/
2 KB
1 KB
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteSportCompetitions-c7a9bd91.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ff12c3b12cb72a0a33882670c8821774b7b9f000bf72223d9549014a193ed5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-773"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUs0dwWiYbgVHXG7exdweL%2BlpCqCtVdRDjwUAs4xp7uQJw9OZJfO0VlQCtS9gGNa66BpMsyrck6Yfo6AwXmWKw68C60LFeFsHgdHiYvLSYnkTNWH2e1ibt%2FnRLLnaU3TQw%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8cc46e4afb96e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
SportCompetition-4f53e6a4.js
www.r345f.shop/assets/
959 B
832 B
Script
General
Full URL
https://www.r345f.shop/assets/SportCompetition-4f53e6a4.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45a042566838ebbd16c8799d743e95ce55ac48bcc9824b8c10e91692c210e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-3bf"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tcr0ECuA9oiH6mmRf0wefYLSBbC2dqL6AqOPLxVlPqxRv3lKhzi%2Fh7hgIs6fEIqMLww%2FaPHtubmvFFCtS%2B3bCVD2Ksyl0EZNDOehv4mHmonSousT4paiuOTJEQDBW1TsMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb99e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
VerticationNavigationListGroupItem-46d31259.js
www.r345f.shop/assets/
639 B
654 B
Script
General
Full URL
https://www.r345f.shop/assets/VerticationNavigationListGroupItem-46d31259.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0180b492ad3f4985c8b3219f64b2bd5a1ada251659ef06731dac587dcbd9a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-27f"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwQk0RfYilLjvf2suJxDxpq8rCeFV7aCpT1EwDmU68iQgsja5UAjXCxCfITnvCWgYMDmv8idMKJik0lXAE3h1c05avQp7Kknyu5gK9eJzusYTV4rTaVr6lxcJnEABx9r0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb9ae025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
SportCompetition-91f63960.css
www.r345f.shop/assets/
917 B
718 B
Stylesheet
General
Full URL
https://www.r345f.shop/assets/SportCompetition-91f63960.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f63960a4434f8fd9cde0b6a217b8bc9b93501b5db364d598a51cf9f7febaf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d44-395"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMK%2B5IlVF77yJW7iBv1cVRUXxJwSlScMxLtb98Qv%2FoTe%2FOgtZ1p6XAcFJOfdogE%2BKc08BjP9FFsFOYRYvTVZA0tJTp%2F3A1bN%2BtdKq0w2oBIQSEE%2BtBvJYXBcRvvI2vnB5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb8ee025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteSportGames-ed7f9f08.js
www.r345f.shop/assets/
1 KB
960 B
Script
General
Full URL
https://www.r345f.shop/assets/FavoriteSportGames-ed7f9f08.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14fa00f0a533fc50b856c939370fe8a1308dc40df87f4a32f4ba08a046c648e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-458"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qk%2FupVtaF38Kg8XeZ6Kg4nAqR9k8TmEI1GO1TG8GmJUZc0D2szPOxD5Jb9H%2BkendA3YcrxyTfAId%2FhVihTjM%2Fd0SR7EFpci4Jd8nifx8AwMeUwEZV%2BtIDst0JZxkP0uInw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb9be025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
FavoriteGamesContent-3c8c548d.css
www.r345f.shop/assets/
1 KB
810 B
Stylesheet
General
Full URL
https://www.r345f.shop/assets/FavoriteGamesContent-3c8c548d.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8c548dfe45c18f636ce2df3538676bf33be6d6b9609e70ffbecdcbe2f0eed8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d44-5bf"
age
108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCjZUW6aDrrtVRgorxqI2WOo2u8dMdKXGa8hOkHo6a0Epo02MXpS7%2BK18BvBDwq2w7twn7Wa2yTQDWN%2BUFgFS3A7PkJa6OX9znn4SvVA13OPDKnU2T5Y1GdSKW0BfKc%2Bsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4afb90e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:44 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
whats_new
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/notifications/
12 KB
3 KB
XHR
General
Full URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/notifications/whats_new?platform=0&country=JP
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.37 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f8ca791e1804fc16d887929a1cc5205d631c0428cfed8c5cae03dccb843b22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.r345f.shop/

Response headers

cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8cc46e4b2a993c05-NRT
access-control-allow-origin
*
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/json
vary
Origin
server
cloudflare
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
384 B
601 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14748966&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.r345f.shop%2Ffa%2F&group_id=0&channel_type=code&jsonp=__m38ee4ldtz
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.172 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b128fecf98a40397961890a224fffcff233a54da7658527e6d79ec37d6764d53
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.r345f.shop/;
X-Frame-Options allow-from https://www.r345f.shop/

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

content-security-policy
frame-ancestors https://www.r345f.shop/;
content-length
384
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
x-frame-options
allow-from https://www.r345f.shop/
ksvxmbsj1p
www.clarity.ms/tag/
660 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/ksvxmbsj1p?ref=gtm2
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18ee57c2d519af4bcd0abe0501d328d6273bcbdb82445e4cccf2ba02e7befc62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
660
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/x-javascript
x-azure-ref
20241002T114245Z-16d6d947fcdbvqb7hadwkrk1s000000001z0000000014f4t
js
www.googletagmanager.com/gtag/
316 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1JWLHHGW3B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DVV4PRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aefd72a84b07505d38c3f946eef0ac4f8bce0dbb9a55fc086e68d1e5df9b5272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 02 Oct 2024 11:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106531
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1JWLHHGW3B&gtm=45je4a10v9175761358za200zb9176312292&_p=1727869364883&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=62050790.1727869365&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727869365&sct=1&seg=0&dl=https%3A%2F%2Fwww.r345f.shop%2Ffa%2F&dt=%D8%A8%D8%B1%DB%8C%20%D8%A8%D8%AA%20%7C%20%D8%B3%D8%A7%DB%8C%D8%AA%20%D9%BE%DB%8C%D8%B4%20%D8%A8%DB%8C%D9%86%DB%8C%20%D9%88%D8%B1%D8%B2%D8%B4%DB%8C%D8%8C%20%D8%B4%D8%B1%D8%B7%20%D8%A8%D9%86%D8%AF%DB%8C%20%D9%88%20%DA%A9%D8%A7%D8%B2%DB%8C%D9%86%D9%88%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86&en=Visited%20Homepage&_fv=1&_nsi=1&_ss=1&_ee=1&ep.event_category=Pages&tfd=5337
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWLHHGW3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.r345f.shop
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PPCGRZNB10&gtm=45je4a10v9175761358za200zb9176312292&_p=1727869364883&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=62050790.1727869365&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727869365&sct=1&seg=0&dl=https%3A%2F%2Fwww.r345f.shop%2Ffa%2F&dt=%D8%A8%D8%B1%DB%8C%20%D8%A8%D8%AA%20%7C%20%D8%B3%D8%A7%DB%8C%D8%AA%20%D9%BE%DB%8C%D8%B4%20%D8%A8%DB%8C%D9%86%DB%8C%20%D9%88%D8%B1%D8%B2%D8%B4%DB%8C%D8%8C%20%D8%B4%D8%B1%D8%B7%20%D8%A8%D9%86%D8%AF%DB%8C%20%D9%88%20%DA%A9%D8%A7%D8%B2%DB%8C%D9%86%D9%88%20%D8%A2%D9%86%D9%84%D8%A7%DB%8C%D9%86&en=Visited%20Homepage&_fv=1&_ss=1&_ee=1&ep.event_category=Pages&tfd=5342
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWLHHGW3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.r345f.shop
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
text/plain
server
Golfe2
HarmonyJackpotWidget-5788cf1e.js
www.r345f.shop/assets/
2 KB
1 KB
Script
General
Full URL
https://www.r345f.shop/assets/HarmonyJackpotWidget-5788cf1e.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49234246801f1a41e99347daa5eccf8f2fcdc4f4af30b5bbd01ba42ab04192c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-6a3"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUh44IxcaDLErcSg61oRIQacGmAur7DUOaxBVjy8kdK%2F2js1kcLnNvUmSa2I1Fxpon%2BiGzgpS2RHLyXxCrn47AMxQyjrlm8%2Bga4fCAlApuNVUJrZRShd1lvsisH6Vcoe4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4c8db5e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
HarmonyJackpotWidget-33c01aa3.css
www.r345f.shop/assets/
2 KB
1019 B
Stylesheet
General
Full URL
https://www.r345f.shop/assets/HarmonyJackpotWidget-33c01aa3.css
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c01aa329a231babf2a347340fc5cd86f4a7238f23519d00259caa8ce0143e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e09d44-77c"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luWn1j7%2F9CJwXG2fW0aAyVDsDlhZIQTlW6HCNiCiLtZeQ49z%2FD%2BXy88AXRVUAOFMDT4H754mSbd6YniVanFiI1FsLpUtEZA8DtzQEvYZL1tVZVwQ%2FUVSMUaENxT1DgZq6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4c8db1e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
PromotedProductsWidget-d8598c3a.js
www.r345f.shop/assets/
1 KB
1 KB
Script
General
Full URL
https://www.r345f.shop/assets/PromotedProductsWidget-d8598c3a.js
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-91f1e5fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da753d1813b2ebe5336bf87ab26c9b64290fb7e742fce0fb88bea5db13dbaf27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.r345f.shop
Referer
https://www.r345f.shop/assets/index-91f1e5fc.js

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66e09d44-51f"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8ql9%2FqHoE1A7ke0BKPZIeZLnOzmWrR5p3TR5fs53XFfvNkbXevGJeBFJB85cc43OJT8wsHC9DX8i7pxgRgucWDkBjr796jDzSLxDdtYyAtbWBcnSneOXPXw%2BgDQcS2APQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4c9dc7e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
contents
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5074/
0
0

contents
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5548/
0
0

getGames
go.cms.hogoxiyfctcdpjbu.com/casino/
0
0

getGames
go.cms.hogoxiyfctcdpjbu.com/casino/
0
0

getGames
go.cms.hogoxiyfctcdpjbu.com/casino/
0
0

jackpot-banner-bg-3f34a47f.png
www.r345f.shop/assets/
48 KB
48 KB
Image
General
Full URL
https://www.r345f.shop/assets/jackpot-banner-bg-3f34a47f.png?v=737
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-c36ed3ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f34a47ffd4c49e6538b07e8ff5a69575b4a7e01d1a07e3ebbac52d9999ac361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/assets/index-c36ed3ad.css

Response headers

cf-cache-status
HIT
etag
"66e09d44-be79"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCoOzKpJykKVZAVn0ar8An6QvP7fTNhSSuXojb1p99vztD9v9e7mnWQ5oquB7X71zbq5Y3OE0AhTeVRn2sPTeOEbWSTrH3CMIkp%2BdablXfY7UisMjvOOT9LdPOynE5pxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 02 Oct 2024 12:40:56 GMT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8cc46e4cbdeee025-NRT
accept-ranges
bytes
content-length
48761
server
cloudflare
feature-game-bg-cd1ca118.png
www.r345f.shop/assets/
64 KB
64 KB
Image
General
Full URL
https://www.r345f.shop/assets/feature-game-bg-cd1ca118.png?v=769
Requested by
Host: www.r345f.shop
URL: https://www.r345f.shop/assets/index-c36ed3ad.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1ca11809d690a636c42534628b7c500fec1cc4a565a18732bf64cf7aadeee1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/assets/index-c36ed3ad.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d44-10063"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAQwwM2PRd%2Bl3KKS%2BArkfCR%2BnMEzm2Wo%2FwKRh11kr9j%2BQwUQOyQl9oX8t5lVEWjZK7adOVQPqI85NihqVLoM2AeDR77ALk%2BqvIe60PQUQ%2FHdcwfeFj8SlyrXFxEtDLljcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4cbdf0e025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
accept-ranges
bytes
content-length
65635
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 19:25:56 GMT
vary
Accept-Encoding
server
cloudflare
GetPlayerJackPotHistory
rgs-je-clientapi.r345f.shop/api/Client/ Frame
0
0

GetPlayerJackPotHistory
rgs-je-clientapi.r345f.shop/api/Client/
0
0

contents
go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5529/
0
0

clarity.js
www.clarity.ms/s/0.7.47/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ksvxmbsj1p?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

x-azure-ref
20241002T114245Z-16d6d947fcdbvqb7hadwkrk1s000000001z0000000014f5m
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCE0B797FA7824"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
13e3f25e-101e-0017-5dd5-1287d0000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 29 Sep 2024 18:50:31 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3AFB6D1B3D6D4A3DBCA945BDC79E1745&RedC=c.clarity.ms&MXFR=280F821160766D710B46971D6476636C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AFB6D1B3D6D4A3DBCA945BDC79E1745&MUID=21D0BB85C68467DC3914AE89C7766673
0
0

get_configuration
api.livechatinc.com/v3.4/customer/action/
5 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=d020976f-2a90-444a-a778-dfc8b41f1af9&version=852.0.2.14.34.17.3.3.4.1.3.7.6&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.172 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47ee23c270a21866078c7752991dcb654728a1b6ad861a8cc52336a310f4ae62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=491
content-encoding
gzip
cross-origin-resource-policy
cross-origin
deprecation
2024-11-30
expires
Wed, 02 Oct 2024 11:50:56 GMT
content-length
1584
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
566.png
www.r345f.shop/images/featuredGames/
75 KB
75 KB
Image
General
Full URL
https://www.r345f.shop/images/featuredGames/566.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
517dd1bfc8447b38c342da4c188d624abc998faf63cad54e20ad4ef215f68251

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d3c-12b80"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rbU9zM5W3uQQr%2BadVxLw15IECsvZr1QNF1Rzd82OBma%2BHDKpLVaz4S8qiA7RHhcMuAqj74lTwhZ3yGXlpVTY0z%2FFSbHORbWyms%2Bz%2FrohRtx0HbUFbBJm2H%2FKIad37zXxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4d8f2ae025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
accept-ranges
bytes
content-length
76672
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
1861.png
www.r345f.shop/images/featuredGames/
65 KB
65 KB
Image
General
Full URL
https://www.r345f.shop/images/featuredGames/1861.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.229.2 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dfbb7eb62c779db1046e9fb62f7322f878d5832a09933cbf4067ed12c4ee696

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/fa/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66e09d3c-1033d"
age
109
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpPMfOHFwysdnhssi6jy9tRvbTeTSq50cA2b5iMuxxWiHzd2M3jBbDTDz3X3y069f94Y4mMK5EzZd7FNMoXwsv8gNZJqb6tqBDN%2BHzj3WsrC097mOsJBI9uUqdQGF9waUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cc46e4d8f2de025-NRT
expires
Wed, 02 Oct 2024 12:40:56 GMT
accept-ranges
bytes
content-length
66365
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 10 Sep 2024 19:25:48 GMT
vary
Accept-Encoding
server
cloudflare
430.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/430.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4b88e2d685f034db3be98d63acb631f9445325e299af23c603bc1f50a67edbd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"bb7acc21f6dd51:0"
age
157086
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:13:23 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e1dac1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1556
x-powered-by
ASP.NET
server
cloudflare
516.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/516.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f48ecac68e3a75583c6e33b1c21465f522e65955e020bfc5512c6a2ba29abff9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"8617722f256dd51:0"
age
318491
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:57:35 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e1dab1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1472
x-powered-by
ASP.NET
server
cloudflare
388.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/388.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9a06c39bafe9ae19741d470f8008a0572bc72983272fa2bd9cba7fd7a3d2cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"37e12c11d7d31:0"
age
450623
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Wed, 18 Apr 2018 10:41:05 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e1da91ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1167
x-powered-by
ASP.NET
server
cloudflare
457.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/457.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
128e438318807ef58619177d83e0a8d4c2b8e4500fb3628e462c09f1d4512c08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"e8e459d33e92d11:0"
age
156470
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Sat, 09 Apr 2016 09:04:30 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e1da61ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1609
x-powered-by
ASP.NET
server
cloudflare
394.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/394.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86562c7cc732dbbca4669af2d7469516b024b7b21c84631434abb010280e3eae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"e5eca4e7789dd11:0"
age
1002493
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Sat, 23 Apr 2016 15:57:57 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e1dad1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1462
x-powered-by
ASP.NET
server
cloudflare
973.png
statistics.deimosphobos.net/images/e/s/0/
1001 B
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/973.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
929f25e268b9dc19bd0eb2cc7732dd815def5111758e59aec26b62f1a043fec8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"aff69b6726a1d11:0"
age
156469
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Thu, 28 Apr 2016 08:17:28 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e1daa1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1001
x-powered-by
ASP.NET
server
cloudflare
2994.png
statistics.deimosphobos.net/images/e/s/1/
1 KB
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/1/2994.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
221cb244025fad66918acc4801665e1f08d4c7313cbd26925c4590fe57bd8cc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"b2751fe835eda1:0"
age
156468
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 13 Feb 2024 13:53:16 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2db41ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1133
x-powered-by
ASP.NET
server
cloudflare
989.png
statistics.deimosphobos.net/images/e/s/0/
887 B
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/989.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
106d092b22262f09c6e9f29d02133de6ce9e6c4024a72847b2982819d85eecd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"7b4ae0b75f42d71:0"
age
157091
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Thu, 06 May 2021 10:08:10 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2db61ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
887
x-powered-by
ASP.NET
server
cloudflare
476.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/476.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
74ae40c91e35d7da700ff1c33a4c9a4ec0d8a6ab51880da96341f4e0ef2a4bfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"a5ddb1789088d41:0"
age
156857
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 30 Nov 2018 09:38:38 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2db71ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1713
x-powered-by
ASP.NET
server
cloudflare
490.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/490.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4359d78708cb50dc84cdb0775b96308e45f49e6b84a41269246af6502514c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"95aef59256dd51:0"
age
318492
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:56:32 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2db81ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1163
x-powered-by
ASP.NET
server
cloudflare
772.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/772.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f4e30c2fcdc8efbb9395aaddff95733e90b7a74d14f68d1ab294102fefe27785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"c921779d5b6dd51:0"
age
157091
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 13:27:12 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2db91ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1289
x-powered-by
ASP.NET
server
cloudflare
972.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/972.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e748e0af655b40ecfc94f829edc0ab3da944a3cb2553fef552867421a6aeeb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"83681942236dd51:0"
age
157090
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:43:47 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dba1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1357
x-powered-by
ASP.NET
server
cloudflare
1280.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/1280.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8fdfbfc2daca83fdec037d63a2226bdc5629a4033f11558ab34e7b9e3f2e9a17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"24256c5b55abd91:0"
age
156472
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 30 Jun 2023 13:18:27 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dbb1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1733
x-powered-by
ASP.NET
server
cloudflare
1007.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/1007.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
694fff12af48396b780b1c32aacb44f38d6747941d32cb147c82158212f2784a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"b23dcf718cf2d31:0"
age
156472
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Wed, 23 May 2018 11:51:54 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dbc1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1560
x-powered-by
ASP.NET
server
cloudflare
482.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/482.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f6d0db3692322a344b52f24d076d5977b07dd69cba7a97f122e46c4f40b7b6a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"b921b250aded31:0"
age
157034
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 27 Apr 2018 09:30:00 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2dbd1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1346
x-powered-by
ASP.NET
server
cloudflare
412.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
1 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/412.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
61f9fcbf6e3d5543590c2a4d485771a5b8836d56dbd8a396baedd4f4b11fcd95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"9c4071a11e6dd51:0"
age
156470
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:10:40 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dbe1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1179
x-powered-by
ASP.NET
server
cloudflare
484.png
statistics.deimosphobos.net/images/e/s/0/
0
0

626.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/626.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5b565b23c854c6806924873f2d428001ad8f11f70496788fc4c4f084a0b2fbd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"3b90b6453ed2d31:0"
age
157090
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Thu, 12 Apr 2018 09:11:42 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
cf-ray
8cc46e4e2dc11ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1407
x-powered-by
ASP.NET
server
cloudflare
478.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/478.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
53d7f37f7fe9172c93f552a31a26fb8dfef7f04a4b1663b680e29da6bf445836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"9972dfee8af2d31:0"
age
53424
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Wed, 23 May 2018 11:41:05 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dc21ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1562
x-powered-by
ASP.NET
server
cloudflare
1518.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/1518.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5ef0812bf7951af69730a820d5de99e4829c53bc99024ffd0071225cdc2d98ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"24a5c1441b3d91:0"
age
53423
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Mon, 10 Jul 2023 15:13:27 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dc41ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1850
x-powered-by
ASP.NET
server
cloudflare
8115.png
statistics.deimosphobos.net/images/e/s/4/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/4/8115.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d09c1816607c9417e888808b57c2cd0bafa3dc9e0f5b3b22c5e1178c6f93d686

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"b4add089d3d31:0"
age
53425
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 13 Apr 2018 09:23:07 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dc71ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1767
x-powered-by
ASP.NET
server
cloudflare
1499.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/1499.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a8fc2a7daa04ae07202a5d624002dc02fe31ae4bd4fc791b0e47c13a74a51726

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"5c297a4f53f4d31:0"
age
53425
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 25 May 2018 18:07:57 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dc91ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1542
x-powered-by
ASP.NET
server
cloudflare
260.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/260.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9099ce03333a49a25469ebb70e20d372bc5b5213a574ba770176435ad8d12567

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"e78312ab682d41:0"
age
53427
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 12 Jun 2018 16:16:07 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dcb1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1595
x-powered-by
ASP.NET
server
cloudflare
434.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/434.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a62f7ac55dea56e9c824beaab1e052e55a54bc61bcb2045a8fa2a5405b2a9e53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"466c5e92dd9bd11:0"
age
53428
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Thu, 21 Apr 2016 14:53:31 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dcc1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1224
x-powered-by
ASP.NET
server
cloudflare
344.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/344.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
755bca321c42673917f30e0b91b1f148521dc5318e63760b272cf6c0b0e6bcc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"23db639b63ebd31:0"
age
53403
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Mon, 14 May 2018 09:11:56 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dcd1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1436
x-powered-by
ASP.NET
server
cloudflare
1934.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/1934.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eb7a5ad3558e7818cd6704d888f32961fc8e79b951c628238b36053001a61697

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"e4484ca450e2d31:0"
age
53403
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Wed, 02 May 2018 20:03:30 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dce1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1502
x-powered-by
ASP.NET
server
cloudflare
769.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/769.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a12b833639370e15b26982d37b4d09ad83fd6220e119e63d80e63536e16d5244

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"aefbbd8679dd11:0"
age
53238
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Sat, 23 Apr 2016 13:55:50 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dcf1ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1396
x-powered-by
ASP.NET
server
cloudflare
396.png
statistics.deimosphobos.net/images/e/s/0/
2 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/396.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
657202e7cff3f3870f0bdeb5e94747708ed2c13d48a1a77631374c2b2c52ad7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"71b8d2b78bd51:0"
age
937092
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2019 07:38:18 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dd01ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1800
x-powered-by
ASP.NET
server
cloudflare
368.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/368.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cb9742da4d0d7bb424cfe12bd96f95877bde2afa0c80e2ec1bb1791577b3eaa2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"8b969a161bffd31:0"
age
53326
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Fri, 08 Jun 2018 11:23:13 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dd21ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1500
x-powered-by
ASP.NET
server
cloudflare
620.png
statistics.deimosphobos.net/images/e/s/0/
1 KB
2 KB
Image
General
Full URL
https://statistics.deimosphobos.net/images/e/s/0/620.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.162.228.4 , Armenia, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1726c935d5ff351864bfe085314bbc4190de68f4fa99c20aaf38cb52473438b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cf-cache-status
HIT
etag
"37f34b1f246dd51:0"
age
53321
access-control-allow-methods
*
expires
Fri, 01 Nov 2024 11:42:45 GMT
x-cache
MISS
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2019 06:49:58 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
pragma
public
via
1.1 google
cf-ray
8cc46e4e2dd41ed0-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1412
x-powered-by
ASP.NET
server
cloudflare
collect
d.clarity.ms/
0
0

open_chat
secure.livechatinc.com/customer/action/ Frame 1093
0
0

get_localization
api.livechatinc.com/v3.4/customer/action/
15 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=d020976f-2a90-444a-a778-dfc8b41f1af9&version=470b74842e9d45ce9f156d1d5a957bad_14bfa1e238dff81527b4e9cfbc150548&language=fa&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.172 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8e7933a0cd6d1f6cfa5359fe4d80b7e55bade6da163c72aa639a1f634e8c1a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.r345f.shop/

Response headers

cache-control
public, max-age=466
content-encoding
gzip
cross-origin-resource-policy
cross-origin
deprecation
2024-11-30
expires
Wed, 02 Oct 2024 11:50:31 GMT
content-length
4982
date
Wed, 02 Oct 2024 11:42:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
collect
d.clarity.ms/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
Domain
verification.curacao-egaming.com
URL
https://verification.curacao-egaming.com/validate.ashx?domain=berrybet.com
Domain
cms.hogoxiyfctcdpjbu.com
URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/default/16203.png
Domain
cms.hogoxiyfctcdpjbu.com
URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/default/16439.png
Domain
cms.hogoxiyfctcdpjbu.com
URL
https://cms.hogoxiyfctcdpjbu.com/content/images/payments/default/16440.png
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5074/contents?use_webp=1&platform=0&country=JP
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5548/contents?use_webp=1&platform=0&country=JP
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/casino/getGames?partner_id=18750767&lang=fas&is_mobile=0&country=JP&use_webp=1&limit=5
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/casino/getGames?partner_id=18750767&lang=fas&is_mobile=0&country=JP&use_webp=1&category=28&limit=5
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/casino/getGames?partner_id=18750767&lang=fas&is_mobile=0&country=JP&use_webp=1&category=36&limit=5
Domain
rgs-je-clientapi.r345f.shop
URL
https://rgs-je-clientapi.r345f.shop/api/Client/GetPlayerJackPotHistory
Domain
rgs-je-clientapi.r345f.shop
URL
https://rgs-je-clientapi.r345f.shop/api/Client/GetPlayerJackPotHistory
Domain
go.cms.hogoxiyfctcdpjbu.com
URL
https://go.cms.hogoxiyfctcdpjbu.com/api/public/v1/fas/partners/18750767/components/5529/contents?use_webp=1&platform=0&country=JP
Domain
c.clarity.ms
URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AFB6D1B3D6D4A3DBCA945BDC79E1745&MUID=21D0BB85C68467DC3914AE89C7766673
Domain
statistics.deimosphobos.net
URL
https://statistics.deimosphobos.net/images/e/s/0/484.png
Domain
d.clarity.ms
URL
https://d.clarity.ms/collect
Domain
secure.livechatinc.com
URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=14748966&group=0&embedded=1&widget_version=3&unique_groups=1&use_parent_storage=1
Domain
d.clarity.ms
URL
https://d.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| Modernizr function| clearImmediate function| setImmediate object| regeneratorRuntime function| Buffer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_717645 object| dataLayer function| gtag object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API object| google_tag_manager object| google_tag_data function| clarity function| onYouTubeIframeAPIReady object| gaGlobal

17 Cookies

Domain/Path Name / Value
r345f.shop/ Name: SERVERID
Value: s2
.r345f.shop/ Name: __cf_bm
Value: vHdSO9heM824xRAaVmaDm2_69wT2I4s3Lghx5QJI9Lo-1727869360-1.0.1.1-DjNoJ2GilqXgn0cEiRxynVXNC5x_yWoHmp2vlrS1CnxRpc7.hUVs8H4S_rFXcNLfQX8Vs0zFiYVbIOV38KcrSQ
www.r345f.shop/ Name: SERVERID
Value: s1
www.r345f.shop/ Name: _immortal|user-hash
Value: W6Yk6-jkA9-CvkBlSdWdRrfxcWGwBedh_-Vn
.hogoxiyfctcdpjbu.com/ Name: __cf_bm
Value: 6rmWtdxY18oTesFYYOsQwQYAWHqdYlCPmc9llQ_QpkE-1727869363-1.0.1.1-gCTYarWXU1Ji6vKcMmA7rl_WVmdZ763gjlEgWKu74GD0rsBRZ5c2_pKy8yp7FXP03TDtbTj3oJUaXi8C0n8TxA
.walletconnect.com/ Name: __cf_bm
Value: ks6E54oIuBlekYmiuTlnZX2rsRAVPRiFMrDtlyH1XDw-1727869364-1.0.1.1-Y7n64X2eqXfqc3l607N_tlQspU5oEKcpZ_O3wmA6VZoTEfHlOCAAG7LJCsOHcP0bBcW_hU40DfgtkAFE28bFoQ
.r345f.shop/ Name: _ga
Value: GA1.1.62050790.1727869365
www.clarity.ms/ Name: CLID
Value: d8d9dbe6d17943df8d17f1fede8f38e9.20241002.20251002
.r345f.shop/ Name: _clck
Value: 19v9e8q%7C2%7Cfpo%7C0%7C1736
.c.clarity.ms/ Name: SM
Value: T
.clarity.ms/ Name: MUID
Value: 280F821160766D710B46971D6476636C
.r345f.shop/ Name: _ga_1JWLHHGW3B
Value: GS1.1.1727869365.1.0.1727869365.0.0.0
.r345f.shop/ Name: _ga_PPCGRZNB10
Value: GS1.1.1727869365.1.0.1727869365.0.0.0
.bing.com/ Name: MUID
Value: 21D0BB85C68467DC3914AE89C7766673
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 21D0BB85C68467DC3914AE89C7766673
.deimosphobos.net/ Name: __cf_bm
Value: 5jyY9ZAJTeZgoPF_bKVtzbwLww91PC08Wd.9x7TjZ.E-1727869365-1.0.1.1-9i45GtR9ZXiXMpD11NYXpHk5DjGIDUn1byg2WrMRMehKStajhtnfipkqdNJy2lQiml75vlKbfEneli8IKKS0Cw

1 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://www.recaptcha.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
c.clarity.ms
cdn.livechatinc.com
cms.hogoxiyfctcdpjbu.com
csp.withgoogle.com
d.clarity.ms
geoapi.fjykjczttspydxcx.com
go.cms.hogoxiyfctcdpjbu.com
r345f.shop
rgs-je-clientapi.r345f.shop
secure.livechatinc.com
statistics.deimosphobos.net
verification.curacao-egaming.com
verify.walletconnect.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.r345f.shop
www.recaptcha.net
c.clarity.ms
cms.hogoxiyfctcdpjbu.com
csp.withgoogle.com
d.clarity.ms
go.cms.hogoxiyfctcdpjbu.com
rgs-je-clientapi.r345f.shop
secure.livechatinc.com
statistics.deimosphobos.net
verification.curacao-egaming.com
104.18.27.46
142.250.198.3
185.162.228.37
185.162.228.4
185.162.229.2
185.162.229.3
23.50.118.172
23.62.20.111
2404:6800:4004:801::2008
2404:6800:4004:828::200e
2404:6800:4008:c04::5e
2620:1ec:bdf::46
01d1c56ad9b312963af471e570ea9de176d0625b9f0eb1bebb0e5871daf7ac95
0c706c22a32630164260bcd4f542c142ec8ba4c11dd7d2076b706d52c0ec0eeb
106d092b22262f09c6e9f29d02133de6ce9e6c4024a72847b2982819d85eecd4
111363133ec56559344ff9d384620cc90b4a17148a4ab5065e2c05310990121c
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
128e438318807ef58619177d83e0a8d4c2b8e4500fb3628e462c09f1d4512c08
1726c935d5ff351864bfe085314bbc4190de68f4fa99c20aaf38cb52473438b4
18ee57c2d519af4bcd0abe0501d328d6273bcbdb82445e4cccf2ba02e7befc62
1bf07c56884952be62c3ddb1b25ee0e4806ee1b6f6c909c5a711613e621e2299
1d9ff867ae65d7439d1e0fe3132c884175bc82ee12e5e02083f75fda3c54f59b
1dfbb7eb62c779db1046e9fb62f7322f878d5832a09933cbf4067ed12c4ee696
1f891c418268368ae42ef9a20cd87c4c03753c0798a35e120c2becddb3391f60
221cb244025fad66918acc4801665e1f08d4c7313cbd26925c4590fe57bd8cc9
225a51c6b00023eb63533cf82f66f0ff3aa267aeca344f7abadddfd02ff60951
252b4401a69819bb8356bd0e518ef0a8df0d7876d2c324d0ebfe142bfbc56b0f
27ff12c3b12cb72a0a33882670c8821774b7b9f000bf72223d9549014a193ed5
2a00f0c6a959c5bc4748a5c314eb08b99d01f0f513d602599d8174e6e0a63d84
2eae6bca13b339eb6ecdf941c29ee842a5788b210f695a10907dccf0435bdc8c
2f3de0b5fa1fd6d6c49d434e024a68ce25c97da1461281a5578409f66367496e
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa
33c01aa329a231babf2a347340fc5cd86f4a7238f23519d00259caa8ce0143e5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3c8c548dfe45c18f636ce2df3538676bf33be6d6b9609e70ffbecdcbe2f0eed8
3f34a47ffd4c49e6538b07e8ff5a69575b4a7e01d1a07e3ebbac52d9999ac361
3fd48e3ab0cfbb133c1eba3e595b0117b1120684b2572516d4e12abbf611bf7c
411e0844cd1a2321458143204ea57bb0a1b15ec40ed98e5932977240b462a583
4359d78708cb50dc84cdb0775b96308e45f49e6b84a41269246af6502514c70a
47ee23c270a21866078c7752991dcb654728a1b6ad861a8cc52336a310f4ae62
49234246801f1a41e99347daa5eccf8f2fcdc4f4af30b5bbd01ba42ab04192c0
4a74eee713250dc6633daaba0457824a5227eb9082a194572ead4a8277130aed
4b88e2d685f034db3be98d63acb631f9445325e299af23c603bc1f50a67edbd1
4c9604ff4949359d776643d944fa22acb5abc4a6e052456b9a8f1ebcbab4dbfd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50ea247dfaf1eaab2293bcbca5282be85ccdcc5c7f04952fe6975e295daad39e
517dd1bfc8447b38c342da4c188d624abc998faf63cad54e20ad4ef215f68251
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53d7f37f7fe9172c93f552a31a26fb8dfef7f04a4b1663b680e29da6bf445836
5b565b23c854c6806924873f2d428001ad8f11f70496788fc4c4f084a0b2fbd1
5c8f9daf7ccea8d504375d40cd1af246b5bf001b0d236c0c8a2629c92f36ceed
5d8e78229d4d3408209554be9ff57c906b72b03f503d72156e91cff212c6a824
5ef0812bf7951af69730a820d5de99e4829c53bc99024ffd0071225cdc2d98ee
61f9fcbf6e3d5543590c2a4d485771a5b8836d56dbd8a396baedd4f4b11fcd95
62f6fe767047cc943600c3b0d194383084d0536fcace25250252d73104fd2529
657202e7cff3f3870f0bdeb5e94747708ed2c13d48a1a77631374c2b2c52ad7e
694fff12af48396b780b1c32aacb44f38d6747941d32cb147c82158212f2784a
6dae6431c9ff3b2b2fd73ca9b1ee44cfa6d00eb9d862e98dada885fac649a7f5
6e2741f974290f32334edd8dee95fd28ac67a953b1829d5eb9282048259d50da
74ae40c91e35d7da700ff1c33a4c9a4ec0d8a6ab51880da96341f4e0ef2a4bfa
755bca321c42673917f30e0b91b1f148521dc5318e63760b272cf6c0b0e6bcc9
75f8ca791e1804fc16d887929a1cc5205d631c0428cfed8c5cae03dccb843b22
7bf201b939548f9965e255b521bfda79ee6225cb1b629d8c4d603973f117dfc4
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81ac039a59b8835cce828ae65720c352e004970974421d35f776dc1a2c4488e9
83c1d848df8f9c3fa79c218a86d7135a057d84574f63c19e2f4b756809063336
849e8ccd5b4b941844d493c2ed8098df7a22830a487bead62cff126d4ba4b47c
86562c7cc732dbbca4669af2d7469516b024b7b21c84631434abb010280e3eae
896d13354cc586db7bd7e861394672823b73e545d6909fa68a2dc0578b867851
8f97ba8c3d7f73dd632abc2716a53486241b4d8531a18981e3d8371648ab4bf9
8fdfbfc2daca83fdec037d63a2226bdc5629a4033f11558ab34e7b9e3f2e9a17
9099ce03333a49a25469ebb70e20d372bc5b5213a574ba770176435ad8d12567
91f63960a4434f8fd9cde0b6a217b8bc9b93501b5db364d598a51cf9f7febaf3
929f25e268b9dc19bd0eb2cc7732dd815def5111758e59aec26b62f1a043fec8
95573c8185fc140a948ee5badce0966026b6cea667b889ea43c4c75675574a6f
9a06c39bafe9ae19741d470f8008a0572bc72983272fa2bd9cba7fd7a3d2cffa
9e748e0af655b40ecfc94f829edc0ab3da944a3cb2553fef552867421a6aeeb8
a096dafb4800ac12d49d9bddd52cbd230caefb549dc48553bb31247b95569c0e
a12b833639370e15b26982d37b4d09ad83fd6220e119e63d80e63536e16d5244
a14fa00f0a533fc50b856c939370fe8a1308dc40df87f4a32f4ba08a046c648e
a59e2d5314d7bd0b712003d1b613c1400b8c993db9036182566ca4ee4458ab39
a62f7ac55dea56e9c824beaab1e052e55a54bc61bcb2045a8fa2a5405b2a9e53
a8e7933a0cd6d1f6cfa5359fe4d80b7e55bade6da163c72aa639a1f634e8c1a0
a8fc2a7daa04ae07202a5d624002dc02fe31ae4bd4fc791b0e47c13a74a51726
a9720390e2afe6b7d5adcd46f763e89c1fef9475f0ce7aaaf615d124283f23d0
ac0180b492ad3f4985c8b3219f64b2bd5a1ada251659ef06731dac587dcbd9a4
acfbdcc07532ddb853e5968113c966717fdafe8fd1c826cd2120cc79bb1daca8
ae9714013a462f1da5d78e40e7f596a2929f9dbd90b74af6cff52d84f87f346f
aefd72a84b07505d38c3f946eef0ac4f8bce0dbb9a55fc086e68d1e5df9b5272
b128fecf98a40397961890a224fffcff233a54da7658527e6d79ec37d6764d53
b815682fa1315bb0439a31a544d796a1389787961e0085f7f4db70969d0d0461
b863b15fced130c16781bd7c8a36106bffaf9d6a7202a75e7a3260c3ab24eac0
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c1e31dfd3522cdd5dcbf53ec53825a924fcf091e252425e8d8cfeb0bd6b3e2f3
c22f56bd154b5f9d0ba02b16236c938d3045d6027e0a6dd61a0c64f41eebc3c5
c36ed3ad8fe4700eef3585f01f44f908f5375d7e581d3864085856e02a3012d4
c5e38c79144bf158338f3dd217c9a94764b7c3d34de053472919d4a0e75558cc
c606015839ec0599769d00aabd0416ed84207f1f8df4bb9fc2eb6a3db38b54c9
c6316b4be973fa24310a11cf63661443d61a5f2030363d6b664cd1893b443805
c66190f374fbbf41726120bb5ae87c75e04afd624f6791c14fbacb2ab0d549f4
c722db549a22aa9c8ab83e79d24da05e0a6fbabbe8d54d6d4b922e9e511f680a
cb9742da4d0d7bb424cfe12bd96f95877bde2afa0c80e2ec1bb1791577b3eaa2
ccb2105b066960c055c2a6438ea5910aa4b291bbff312652e8b499a502eb11d4
cd1ca11809d690a636c42534628b7c500fec1cc4a565a18732bf64cf7aadeee1
cfd2569e73e258055115d0ba4371301fdf011f610745f57306ba51ad1e2beba4
d09c1816607c9417e888808b57c2cd0bafa3dc9e0f5b3b22c5e1178c6f93d686
d62fe2f4b91c2bb3d80bdd9ddd4af8701802a1688a738cb70a8b309d93f9200e
da753d1813b2ebe5336bf87ab26c9b64290fb7e742fce0fb88bea5db13dbaf27
dc1b2ba5b3f88e08bcdee162c2819de01ec969129697cb8fe603e0407dfae40a
e2e4dc349e8974085793b5fcdc37711a846d4931b892dfe8da51a889ddf355ad
e45a042566838ebbd16c8799d743e95ce55ac48bcc9824b8c10e91692c210e6d
e5d090890f093b7791c549b3ff3f6d1b5b3905cdc547385975a4a76d84768ee4
ea59e45480d6971c8837d8a9914344d1075a4721e048543f44f0011de476a406
eb7a5ad3558e7818cd6704d888f32961fc8e79b951c628238b36053001a61697
ed58e4ce36de9bcb3af8ab717f92c257ca1a19fe4940c48525f6dc5273af5a9c
ee57c662a95b909b58d882bc8acc075895104af2d4c489f74c0d3d489f92198e
f112c1bbe578c1ac80a5fa96ac11ea7d1b4c05cf6779acb5c5ab95f22cddc0ff
f48ecac68e3a75583c6e33b1c21465f522e65955e020bfc5512c6a2ba29abff9
f4e30c2fcdc8efbb9395aaddff95733e90b7a74d14f68d1ab294102fefe27785
f6d0db3692322a344b52f24d076d5977b07dd69cba7a97f122e46c4f40b7b6a1
f9f4e36ff162eea67739b3e3b88821b94ab44e5d86a7f615b642bf6907af30c7
fdcfc098e2d6ac01ff31351c9f5ec4b9cc7b68b5a8dc28973df615de630a3cec