xg88palinghoki.icu Open in urlscan Pro
118.139.180.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xg88palinghoki.icu/
Submission: On November 18 via api (November 18th 2024, 9:21:16 am UTC) from BE — Scanned from SG

Summary HTTP 61 Redirects Links 99 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 61 HTTP transactions. The main IP is 118.139.180.107, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is xg88palinghoki.icu.
TLS certificate: Issued by R11 on November 12th 2024. Valid for: 3 months.

This is the only time xg88palinghoki.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.139.180.107 118.139.180.107	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
8	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
1 2	23.52.40.171 23.52.40.171	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
1	104.21.235.70 104.21.235.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	13.35.226.75 13.35.226.75	16509 (AMAZON-02) (AMAZON-02)
3	104.26.2.54 104.26.2.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.215.7.18 23.215.7.18	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	23.50.93.75 23.50.93.75	16625 (AKAMAI-AS) (AKAMAI-AS)
61	11

1 118.139.180.107 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 107.180.139.118.host.secureserver.net

xg88palinghoki.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.40.171 (Singapore, Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-52-40-171.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 13.35.226.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-226-75.sin2.r.cloudfront.net

dsuown9evwz4y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.26.2.54 (None, )

ASN13335 (CLOUDFLARENET, US)

api2-xgs.imgnxb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.7.18 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-215-7-18.deploy.static.akamaitechnologies.com

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.50.93.75 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-75.deploy.static.akamaitechnologies.com

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net dsuown9evwz4y.cloudfront.net	710 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	120 KB
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13900 csp.secureserver.net — Cisco Umbrella Rank: 13675	568 B
3	imgnxb.com api2-xgs.imgnxb.com Failed	512 KB
3	gstatic.com fonts.gstatic.com	37 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 10742	21 KB
1	iili.io iili.io — Cisco Umbrella Rank: 48603	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	xg88palinghoki.icu xg88palinghoki.icu	13 KB
61	9

	Domain	Requested by
28	dsuown9evwz4y.cloudfront.net	xg88palinghoki.icu
8	cdn.ampproject.org	xg88palinghoki.icu cdn.ampproject.org
4	csp.secureserver.net	img1.wsimg.com
3	api2-xgs.imgnxb.com	xg88palinghoki.icu
3	fonts.gstatic.com	fonts.googleapis.com
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects xg88palinghoki.icu
1	iili.io	xg88palinghoki.icu
1	fonts.googleapis.com	xg88palinghoki.icu
1	xg88palinghoki.icu
61	10

This site contains links to these domains. Also see Links.

Domain
xgslot88menang.site
tinyurl.com
apk-depot.s3.ap-northeast-1.amazonaws.com
t.me
xgslot88club.com
heylink.me
vingaming.com
tawk.to

Subject Issuer	Validity	Valid
xg88palinghoki.icu R11	`2024-11-12` - `2025-02-10`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
iili.io WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
imgnxb.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2024-07-15` - `2025-08-16`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2024-10-17` - `2025-11-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://xg88palinghoki.icu/
Frame ID: 59BF1096E94747CF10FFA2489E8ED463
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XGSLOT88: SITUS LOGIN ALTERNATIF GAME ONLINE NO 1 TERPERCAYA

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

61
Requests

84 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1476 kB
Transfer

1936 kB
Size

3
Cookies

99 Outgoing links

These are links going to different origins than the main page.

URL: https://xgslot88menang.site/login
Title: Masuk

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/register
Title: Daftar

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/home
Title: Beranda

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/pragmatic
Title: Pragmatic Play

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/login
Title: Nex4D

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/hacksaw
Title: Hacksaw

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/habanero
Title: Habanero

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/microgaming
Title: MicroGaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/pgsoft
Title: PG Slots

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/no-limit-city
Title: No Limit City

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/jili
Title: Jili

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/spade-gaming
Title: Spade Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/joker
Title: Joker

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/advantplay
Title: AdvantPlay

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/funky-games
Title: Funky Games

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/live22
Title: Live22

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/playstar
Title: Playstar

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/spinix
Title: Spinix

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/crowd-play
Title: Crowd Play

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/bigpot
Title: Bigpot

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/vpower
Title: VPower

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/worldmatch
Title: Worldmatch

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/fachai
Title: Fachai

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/slot88
Title: Slot88

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/ion-slot
Title: ION Slot

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/amb-slot
Title: AMB Slot

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/mario-club
Title: Mario Club

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/dragoonsoft
Title: Dragoonsoft

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/fun-gaming
Title: Fun Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/naga-games
Title: Naga Games

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/jdb
Title: JDB

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/cq9
Title: CQ9

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/only-play
Title: Only Play

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/ttg
Title: Top Trend Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/netent
Title: Netent

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/big-time-gaming
Title: Big Time Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/red-tiger
Title: Red Tiger

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/skywind
Title: Skywind

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/yggdrasil
Title: Yggdrasil

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/playngo
Title: Play'n Go

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/slots/real-time-gaming
Title: Real Time Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/casino/pragmatic
Title: PP Casino

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/casino/evo-gaming
Title: Evo Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/pragmatic
Title: PP Casino

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/spribe
Title: Spribe

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/microgaming
Title: MicroGaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/spinix
Title: Spinix

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/advantplay-mini-game
Title: AdvantPlay Mini Game

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/only-play
Title: Only Play

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/joker
Title: Joker

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/dragoonsoft
Title: Dragoonsoft

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/crash-game/funky-games
Title: Funky Games

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/microgaming
Title: MicroGaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/spinix
Title: Spinix

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/spribe
Title: Spribe

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/joker
Title: Joker

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/fachai
Title: Fachai

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/jili
Title: Jili

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/amb-slot
Title: AMB Slot

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/crowd-play
Title: Crowd Play

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/vpower
Title: VPower

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/worldmatch
Title: Worldmatch

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/mario-club
Title: Mario Club

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/dragoonsoft
Title: Dragoonsoft

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/live22
Title: Live22

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/cq9
Title: CQ9

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/spade-gaming
Title: Spade Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/fun-gaming
Title: Fun Gaming

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/arcadia
Title: Arcadia

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/skywind
Title: Skywind

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/playstar
Title: Playstar

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/advantplay-mini-game
Title: AdvantPlay Mini Game

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/jdb
Title: JDB

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/mobile/arcade/funky-games
Title: Funky Games

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/home
Title: Versi Desktop

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/

Search URL Search Domain Scan URL

URL: https://tinyurl.com/AMPSLIDERXG

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/hot-games
Title: Hot Games

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/slots
Title: Slots

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/casino
Title: Live Casino

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/others
Title: Togel

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/sport
Title: Olahraga

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/crash-game
Title: Crash Game

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/arcade
Title: Arcade

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/poker
Title: Poker

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/e-sports
Title: E-Sports

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/cockfight
Title: Sabung Ayam

Search URL Search Domain Scan URL

URL: https://apk-depot.s3.ap-northeast-1.amazonaws.com/xgs.apk
Title: Unduh

Search URL Search Domain Scan URL

URL: https://t.me/xgslot88official
Title: xgslot88

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/about-us
Title: Tentang XGSLOT88

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/responsible-gaming
Title: Responsible Gambling

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/faq
Title: Pusat Bantuan

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/terms-of-use
Title: Syarat dan Ketentuan

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/desktop/info/4
Title: RTP XGSLOT88

Search URL Search Domain Scan URL

URL: https://xgslot88club.com/
Title: XGSLOT88

Search URL Search Domain Scan URL

URL: https://heylink.me/XGSLOT-88/
Title: XGSLOT88

Search URL Search Domain Scan URL

URL: https://vingaming.com/

Search URL Search Domain Scan URL

URL: https://xgslot88menang.site/promotion
Title: Promosi

Search URL Search Domain Scan URL

URL: https://tawk.to/chat/662d122c1ec1082f04e82aa8/1hsg0u0bc
Title: Live Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

61 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xg88palinghoki.icu/ 89 KB
13 KB 41ms
17ms Document
text/html 118.139.180.107
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://xg88palinghoki.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 118.139.180.107 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 107.180.139.118.host.secureserver.net
Software: Apache /
Resource Hash: 1203e1f32c86aa67ecffcaa2e4768471ef5beb5709746c0daaa7ced83fb885c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 13087
content-type: text/html
date: Mon, 18 Nov 2024 09:21:07 GMT
etag: "e618ee-160ad-626bc29fe2bd0-br"
last-modified: Tue, 12 Nov 2024 19:24:20 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 56ms
11ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

c7be05de5cd63024a7511491cc1b9e41a805d47a945fe80152b0b0692007e003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 18 Nov 2024 07:22:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 65ms
6ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "6cd5bd85d22351ce"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73112
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 50ms
48ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "9925a53ff9d805bc"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 11524
x-xss-protection: 0
server: sffe

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
9 KB 10ms
8ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "e8f022bde01b1e0a"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 9629
x-xss-protection: 0
server: sffe

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 7ms
6ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

9d8bb7b77045c72920ec18ec9b361b431b577a3ad47fff0376cb701fe1e4a507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "7048733b555ba73c"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2476
x-xss-protection: 0
server: sffe

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 9ms
8ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "77dcc70a0a78da30"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 8921
x-xss-protection: 0
server: sffe

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 10ms
9ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

5eadb4e3d0159cd2aef3d599d1418058b76c16b1ec128d357fe90679fe3b78c7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "4c19a547608350d3"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 09:21:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 09:21:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 8545
x-xss-protection: 0
server: sffe

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

16ms
15ms

Script
text/javascript

23.52.40.171
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/
Protocol: H2
Server: 23.52.40.171 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-52-40-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: gzip
x-amz-meta-version: 0.4.7
etag: "6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id: 4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires: Mon, 18 Nov 2024 09:51:07 GMT
date: Mon, 18 Nov 2024 09:21:07 GMT
last-modified: Tue, 24 Sep 2024 20:55:06 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-id-2: ya8H/gvTVyPFcfmSyBE3V3izdti7/c4HCpUap0azmsTN+42PsSATzZsEgIsqDLVa+ser1Q7t/Vg=
cache-control: max-age=1800
timing-allow-origin: *
x-amz-request-id: 258C83KMKB1H0YWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20968
x-amz-server-side-encryption: AES256

Redirect headers

expires: Tue, 18 Nov 2025 09:21:07 GMT
cache-control: max-age=31536000
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length: 0
access-control-allow-origin: *
date: Mon, 18 Nov 2024 09:21:07 GMT
timing-allow-origin: *

GET
H3 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 18ms
6ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://xg88palinghoki.icu
Referer: https://fonts.googleapis.com/

Response headers

age: 108808
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 03:07:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 03:07:39 GMT
last-modified: Thu, 24 Aug 2023 20:30:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12372
x-xss-protection: 0
server: sffe

GET
H3 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 15ms
5ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://xg88palinghoki.icu
Referer: https://fonts.googleapis.com/

Response headers

age: 376821
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 00:40:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 00:40:46 GMT
last-modified: Thu, 24 Aug 2023 20:48:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11796
x-xss-protection: 0
server: sffe

GET
H3 200 NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 13 KB
13 KB 18ms
6ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://xg88palinghoki.icu
Referer: https://fonts.googleapis.com/

Response headers

age: 34921
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 23:39:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 23:39:06 GMT
last-modified: Thu, 24 Aug 2023 20:57:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13792
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d07509efcaa8be4a87f5405e7750e4df6d16949b293dd756abdcbaadda8bc58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c93f128a74f91554ced9bc0e9bea8afc896a315028bfb2ea6b615d58fe3e0607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfb32282c4cafe2586dbdf56ecb3e72916d32850a9eec5ca47ec4b07c4c4f07c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44d39af0fa955dcd5801e3c153e740f3da8e05bad60b01ece1e80a266f03b94d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4bfe175a79d1a5ac0ffb60e879d653a9a995f6fc372ea7063896806c326b36e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 2CT4QYQ.gif
iili.io/ 62 KB
63 KB 173ms
93ms Image
image/gif 104.21.235.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/2CT4QYQ.gif
Requested by: Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d31c18658456561394c9756f2a28f2c0ee4b3705bbdf5e3abbb1c662e02b334

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

cf-cache-status: HIT
age: 926622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85UC10EStFcXNhpH8k5iZSSCCwp2uMZBiorO7KtgNkDY6WlDmnYvqhYjY5uJbMmlzd5%2F%2BIxtU%2FbEY2465w7irIeweWj59%2FMLp7Op2Q8aXVJ04DTpdA%2BfmfNc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=69536&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4095&recv_bytes=4309&delivery_rate=45945&cwnd=12000&unsent_bytes=0&cid=0ed1ac906406921c&ts=96&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/gif
last-modified: Tue, 29 Oct 2024 17:41:05 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e46e3797efef5e5-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63473
server: cloudflare

GET
H2 200 popular-games.png
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/ 505 B
2 KB 35ms
15ms Image
image/png 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/popular-games.png?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

7eaa1f6f233c41b4c32bcb79d37e77a815917ca8d393a9b65628fc1fd8a87ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0559e8e5c8d61:0"
age: 6052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: G49YcMbPy27_k0VdAA8pjmAvzeoZcmq41lBQh5Fuf-rt7oSvW0dPKg==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/png
last-modified: Wed, 02 Dec 2020 20:01:22 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 505
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 vs20fruitswx.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/PP/ 32 KB
33 KB 29ms
10ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/PP/vs20fruitswx.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

27f45c6011e18f4013c42ead9de439c71375350d01656fcb02ab32ce4c2ce08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "030ba8624acda1:0"
age: 6075
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: BPLUjjJAn4ixdlenTuNVprTNMoSeZjY14KYbM67DSRhr0FmrsaDGNQ==
date: Mon, 18 Nov 2024 07:39:52 GMT
content-type: image/jpeg
last-modified: Wed, 22 May 2024 08:46:24 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 32605
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 mahjong-ways.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/PGSOFT/ 35 KB
37 KB 31ms
12ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/PGSOFT/mahjong-ways.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1b07c49de746084a404bf269f5a352d28732b5b2da9581505f96a591653cca33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0435fa416f1d71:0"
age: 6076
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: bfSZqOC58KGICP1nO8RF4kr7tjtsllNZf1j0mc8-OYbZRgORlcDOGg==
date: Mon, 18 Nov 2024 07:39:51 GMT
content-type: image/jpeg
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 36181
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 vswaysmahwin2.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/PP/ 32 KB
34 KB 41ms
23ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/PP/vswaysmahwin2.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f0cd479240a6d323c2bd347c4391f29ceffcd8d44f6c624e2511b637ab7e5191

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0cf3b3bd719db1:0"
age: 6075
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: x3I2LuLn0y_D7npTzSNA7k2TE5ZnJuVgmm9K5oWs3U46lzVnDvjTsg==
date: Mon, 18 Nov 2024 07:39:52 GMT
content-type: image/jpeg
last-modified: Tue, 08 Oct 2024 23:10:14 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33266
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 vs20fruitjpas.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/PP/ 33 KB
34 KB 32ms
13ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/PP/vs20fruitjpas.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1bb5692cfbae44f89236bf372e7469000e74b814f7f65713cfbec624ceb82bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0a3b9f735b2da1:0"
age: 6075
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Wyx5XWtK5awbWCHiqpTH7YNB12_zNs74dBtQcUdXHiJE17jWufdIqg==
date: Mon, 18 Nov 2024 07:39:52 GMT
content-type: image/jpeg
last-modified: Thu, 30 May 2024 02:06:22 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33558
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 HACKSAW_1534.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/HACKSAW/ 36 KB
37 KB 32ms
14ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1534.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

7665da10ed48e0d5abf63a934dfeceb9a3dc7c90fec8e7e63c9eb247b999d7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "04a426de5d0da1:0"
age: 6071
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: S4oXlSc-tfIj9r_MQUXi3dEtgYKYPXvhRzisXwviQ__JBSMxakq8uQ==
date: Mon, 18 Nov 2024 07:39:56 GMT
content-type: image/jpeg
last-modified: Mon, 08 Jul 2024 03:17:56 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 36695
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 vs20olympx.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/PP/ 30 KB
31 KB 31ms
18ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/PP/vs20olympx.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

44f042e3cc5a421530cea03d08309f0ed890ee700191b9788e9be3932929ccd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0d581c0ae53da1:0"
age: 6075
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rwtQz3PMke8tDKyqH9lXezjBi_61O4YqdyRPZ81es87VE1AmpyHYJw==
date: Mon, 18 Nov 2024 07:39:52 GMT
content-type: image/jpeg
last-modified: Tue, 30 Jan 2024 19:01:38 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 30713
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 HACKSAW_1508.jpg
dsuown9evwz4y.cloudfront.net/Images/providers/HACKSAW/ 148 KB
149 KB 11ms
5ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1508.jpg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

184c3da0ab4515c145911527798b440c9b166d3b7fb140911e36b293f4aaffdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0b4558374b8da1:0"
age: 6056
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: cAdPUuehzRlCOth4b_Y_uExgUQ-j1_CSvCOQglFdSbVXBEE-w3vIKA==
date: Mon, 18 Nov 2024 07:40:12 GMT
content-type: image/jpeg
last-modified: Fri, 07 Jun 2024 00:49:12 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 151196
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 download-app.png
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/ 4 KB
5 KB 30ms
19ms Image
image/png 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/download-app.png?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

952f2e4cba9a135244f121cc76732ec7e6d2e0cc5eac0ac6cec68dfac3771803

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0f46c2c44ad71:0"
age: 6052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5UMykA7_jCaIQYnPgCjgKgZxLLkvJF7Bc34qhanGpyIZWlkSaFDcuQ==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/png
last-modified: Mon, 17 May 2021 02:31:36 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3917
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 android-logo.png
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/home/ 8 KB
9 KB 30ms
18ms Image
image/png 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/home/android-logo.png?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f62d45f61a67d69edbed4fcda98712d07629dddaa5c2fedb7bb4bbcd4a6c875a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0c419d5c44ad71:0"
age: 4483
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: UeMy-4o4sVZ20DD4IR2nlPdSzySWU3435ctc5cWCsjuU-pORXNS6cw==
date: Mon, 18 Nov 2024 08:06:24 GMT
content-type: image/png
last-modified: Mon, 17 May 2021 02:32:08 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8119
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 home-active.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/ 661 B
2 KB 26ms
15ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/home-active.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

c2623d2498c15609bc6c50add85550824328728fc2cbf9cd0517d41e2f485ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0559e8e5c8d61:0"
age: 6052
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: k35vNKnLTjbAsSBzK1zHhD-VpBj2QEP3j3QE2HKs8UiF98S1yhCRpw==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Dec 2020 20:01:22 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 661
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 mobile-app.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/ 1006 B
2 KB 34ms
22ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/mobile-app.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

964f7bb35c026e16a7ce5fa5d325b3ac468578e5c6872fb2740f9ac3d0c1730b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"09e4992b966d71:0"
age: 3424
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vByk93ByXbuXhHPXcoMeKWtgvw5r-Gv4056dPozCZCXxu742WlkE3A==
date: Mon, 18 Nov 2024 08:24:03 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Jun 2021 16:22:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 login.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/ 2 KB
2 KB 31ms
19ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/login.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

87c8eb0cb8c9de4c9c575796a4fce9c6148ce7581066525528f6ba6a39d95a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"0559e8e5c8d61:0"
age: 6057
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: wq7-o2Tz0VD_HqodkVDd0YO5uC96oyLf-sZC5cadYp9esodk0EExPQ==
date: Mon, 18 Nov 2024 07:40:10 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Dec 2020 20:01:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 promotion.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/ 2 KB
2 KB 34ms
22ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/promotion.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

f583910e1f6aadb95122357c08d69abd7b086abe03ef9d94ddf80d8479182a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"0559e8e5c8d61:0"
age: 6057
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: G8_2vUJMRizxjM9GSckaE5qa4a7nloPlSRIsf2VLnUJqEQn86Lw9GQ==
date: Mon, 18 Nov 2024 07:40:10 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Dec 2020 20:01:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 live-chat.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/ 5 KB
3 KB 32ms
20ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/layout/footer/live-chat.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

1737651796767edb71fdc2232e60f4055a4d63e9a8da4e164af3adb897d85153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"0e9ccb9ef3d71:0"
age: 6057
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: g_KHcMBs0mgPAHwbK94-VNrNi_WcHjQWJv6Khr5gSsOz_DskZp_3iQ==
date: Mon, 18 Nov 2024 07:40:10 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Feb 2021 23:10:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 telegram.svg
dsuown9evwz4y.cloudfront.net/Images/communications/ 307 B
1 KB 13ms
6ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/communications/telegram.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

6ee3beb98bdd022f21a47aed20a9581e407810acc36bbb10e5614dc3a6c53298

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0c3abd379a2d61:0"
age: 6077
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Dchrdmd5G-6AltLjY6BpHwTKnx58549ELtjPVy5nnN_00o3RrDwEHg==
date: Mon, 18 Nov 2024 07:39:51 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 307
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1723383221143.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1723383402353.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1723383337427.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET DANA_afca44fa-ce69-4b2a-8a4a-e5c84a0931f8_1723383046723.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET GOPAY_8f799285-06e0-4a2b-8201-710ec2a9a341_1723381993577.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET
H2 200 LINKAJA_fd43394f-7f75-4d88-90aa-702f1881c319_1723382174580.png
api2-xgs.imgnxb.com/images/XGS// 8 KB
8 KB 235ms
213ms Image
image/png 104.26.2.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-xgs.imgnxb.com/images/XGS//LINKAJA_fd43394f-7f75-4d88-90aa-702f1881c319_1723382174580.png

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5528a08fa54b8f152431cc7074885de1b95756bb55ad5a5a30d568f62861d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

cf-cache-status: REVALIDATED
etag: "408d5c491ff4da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4Rsr75TKJFBvhWGyIkjOTqog0bGsetYZe5ghENvPBjPgERASUOsWg%2BOo2R3icnxdSJU1VU0MdvrWIdbeic6Mo2OG5t452070FuB7i5qV5iAQloFUyaTi%2BXcZv%2BhD%2BN5elYrGXg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=5108&sent=31&recv=27&lost=0&retrans=0&sent_bytes=8839&recv_bytes=3203&delivery_rate=9021806&cwnd=256&unsent_bytes=0&cid=52e8701f0083d5e9&ts=224&x=0"
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/png
last-modified: Wed, 21 Aug 2024 23:10:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e46e378ec6b87ae-SIN
accept-ranges: bytes
content-length: 7967
x-xss-protection: 1; mode=block
server: cloudflare

GET MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1723383459177.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET OVO_fb9f059e-e9c4-4689-8522-8c2af50e7d10_1723382191330.png
api2-xgs.imgnxb.com/images/XGS// 0
0

GET
H2 200 vin-gaming-amp.png
dsuown9evwz4y.cloudfront.net/Images/platform-engine/ 7 KB
8 KB 13ms
7ms Image
image/png 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/platform-engine/vin-gaming-amp.png?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

9aef6b4c208784d5ad9124fc18af5f3383d372dd3c2b4b8ada59055de7cd95b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "049bb59ec1da1:0"
age: 6064
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: RUu7iIV_Jfe29lt8_pRQFb_LrTwj7FQlo-R-p2Vo3IixRsbkyKEZcg==
date: Mon, 18 Nov 2024 07:40:04 GMT
content-type: image/png
last-modified: Mon, 17 Jun 2024 23:30:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6753
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 8 KB
3 KB 16ms
5ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://xg88palinghoki.icu
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "f0f2b169fa87a905"
age: 90696
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 08:09:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 08:09:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2970
x-xss-protection: 0
server: sffe

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 12 KB
4 KB 5ms
5ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://xg88palinghoki.icu
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: "b22012622c63a36b"
age: 34347
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 23:48:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 23:48:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3929
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 nex4d-banner-august-desktop.jpg
dsuown9evwz4y.cloudfront.net/Images/banners/home/ 294 KB
295 KB 15ms
11ms Image
image/jpeg 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/banners/home/nex4d-banner-august-desktop.jpg

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

84ebef090ee6a18e23d08d8775b5be026ec96c99cc84de358dc72f6b093ac59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

etag: "0f22ae69be8da1:0"
age: 5511
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 2W3SkYNqsPlc68lK8_ZZ-xFN6eeZsxnCpUMaEu3DiCPe5O6aDgZF_A==
date: Mon, 18 Nov 2024 07:49:17 GMT
content-type: image/jpeg
last-modified: Wed, 07 Aug 2024 07:32:04 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 300861
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 id_cbd_0418d4f7-242f-45b3-ab27-abf651fb7ea1_1720273722693.jpg
api2-xgs.imgnxb.com/images/XGS/ 284 KB
285 KB 364ms
361ms Image
image/jpeg 104.26.2.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-xgs.imgnxb.com/images/XGS/id_cbd_0418d4f7-242f-45b3-ab27-abf651fb7ea1_1720273722693.jpg

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d49acc006f808fdbc287e3c71099e95b80b5caee274b314e351b5ad9b74cc1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

cf-cache-status: MISS
etag: "6edb43461ff4da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLSQXozyeDpCvllUYy%2BT%2B4X64gbeS5VQULZKZz66tEstpyt51k8on%2BH6ou2kFLDonvhCLpOSbpOM6aE6rnRVsl67Dixi22orbPTn9Emxw7XaRydoCHDjz0TixM%2BzM4FZSxo3Smo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=1370&sent=85&recv=56&lost=0&retrans=0&sent_bytes=81967&recv_bytes=3203&delivery_rate=23079695&cwnd=256&unsent_bytes=0&cid=52e8701f0083d5e9&ts=466&x=0"
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/jpeg
last-modified: Wed, 21 Aug 2024 23:10:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e46e3798d1387ae-SIN
accept-ranges: bytes
content-length: 291061
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 id_cbd_1ce584c2-d3a2-46fb-af12-198b19a69db5_1721482025160.jpg
api2-xgs.imgnxb.com/images/XGS/ 218 KB
219 KB 281ms
277ms Image
image/jpeg 104.26.2.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-xgs.imgnxb.com/images/XGS/id_cbd_1ce584c2-d3a2-46fb-af12-198b19a69db5_1721482025160.jpg

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.54 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edae7da94363ca1937514ed992de597515bfb6cf4c3e3147b73e7dedf7175946

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

cf-cache-status: MISS
etag: "d7c62451ff4da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vv3PDuFkKv0MeDIeO7houF8d2FyqgaGAX5zbMc6H29kp2LUGDP7EHWnMt%2Fzt50r5dcVZ5N7EnnyKzRgUH%2B1f6e6LOzKBJG7wkSJnT9Hxhw8osfAGh4nkN62PdwpdMliR2ASEDHw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=2390&sent=38&recv=36&lost=0&retrans=0&sent_bytes=17456&recv_bytes=3203&delivery_rate=9021806&cwnd=256&unsent_bytes=0&cid=52e8701f0083d5e9&ts=384&x=0"
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/jpeg
last-modified: Wed, 21 Aug 2024 23:10:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e46e3798d1687ae-SIN
accept-ranges: bytes
content-length: 223069
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hot-games.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 2 KB
2 KB 16ms
13ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/hot-games.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

9d9f9c92b8b844179b9afcd27b0c237d22492bc5f79641ade02eb8c37a28ee20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 9_1as_HkTl5xAbPD0riMW6Qjyl56awAo9JsCHOjLiuS1v4AMXjJTlg==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 slots.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 2 KB
2 KB 17ms
14ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/slots.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

344677023acdfa7a8a3e3cde4946db25c7edc2bb2fbd3175c90ca5f129baeae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: y2uqni3sHdsvguHGAKNqRbZlZ_9l83qSRsBU238xPlcCBK3Zt3CBLg==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 casino.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 3 KB
2 KB 19ms
16ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/casino.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

4f684329ad10ece2378a8889d476366ef7d1c70c293caf8931ba9649f075b9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: DicU0Q73O3J-4ySJCIgkFM4Q6rTJwMtMOuximRcF7x4YEjIL_H056g==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 others.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 1 KB
2 KB 17ms
15ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/others.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

8fec5c40678f728a2e3c9bb0472e0005318afba7a5c191889dafb8a1a48d50cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: YONQJpoalmf4IQ27GlDddB0upXrYq_iqy7T_cBFcQqsieL1uq69nhA==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 sports.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 2 KB
2 KB 18ms
16ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/sports.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

00cf3daaaff0b71cfaf4078749b4376b1435f77b0056868ad4f8868648274e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -gpyGDl8mF3yMbAT9Al_90mYqsG8LKDe-rx_kbSMhrpej4nQp3O8qw==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 crash-game.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 3 KB
3 KB 24ms
22ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/crash-game.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

dbb0a43a7e0ce59bd48cacbf629e93d674aaee0d8467b49c223f6780c5b884f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nb9CCGJplZYkY5Hr7fquNIzjdX-SFiz1BQ_0wv3bNgGwGccSncRJWA==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 arcade.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 1 KB
2 KB 22ms
20ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/arcade.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

51af79192c3cb0031c4544a76511ba4cd770c4c3640fdf4f51ea44eaf3c0688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 180zv4brXfXJeE9dfrNtzJJgEZUj59SfSzbFT1dpEg4xxp98BqSoBw==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 poker.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 2 KB
2 KB 24ms
22ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/poker.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

aa38ee12fa7ae1d3f1d5048dc2c9d1f74ec56fcc3333ba5668690e7523efbeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: QWm_APogAN8qUkX3vJaNuBx0ZVIJwjRhKl-9lyWACa1SLKdMljKDHg==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 e-sports.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 9 KB
5 KB 23ms
21ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/e-sports.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

57a56b5bd4d4aef24bd77aa1529cd1c2fd929062cfc5736a3148037f0fc396ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"03b66bf9aada1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: BTSPDNtGBVsZ0Njn-yxueRX28Yr13oQdnMsRZRnH-_D1-mPdIoGukw==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Mon, 20 May 2024 21:05:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 cockfight.svg
dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/ 5 KB
3 KB 24ms
23ms Image
image/svg+xml 13.35.226.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsuown9evwz4y.cloudfront.net/Images/nexus-beta/light-purple/mobile/menu/cockfight.svg?v=20240708-4

Requested by

Host: xg88palinghoki.icu
URL: https://xg88palinghoki.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.226.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-226-75.sin2.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

3459989be1ee95da26245875309b8a72f3db26b3678b15bc56febb2b0258059e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

content-encoding: br
etag: W/"095615fabb8da1:0"
age: 6053
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: qg-vwGT2ZANuTilwgQA0Qtvd_rGpE9H4voivwtE9LBEfDSS6DlnOJg==
date: Mon, 18 Nov 2024 07:40:15 GMT
content-type: image/svg+xml
last-modified: Fri, 07 Jun 2024 07:21:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 b4bed801c18388802555fd401702543e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: SIN2-P8
server: TrillionSoft

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
284 B 210ms
178ms Fetch
image/gif 23.215.7.18
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.215.7.18 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-215-7-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://xg88palinghoki.icu
content-length: 43
x-xss-protection: 1; mode=block
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/gif
x-frame-options: DENY

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
284 B 238ms
211ms Fetch
image/gif 23.215.7.18
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=xg88palinghoki.icu&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=8ae4cd3d-8b78-45f8-a1cb-199b5c9948c8&vtg=8ae4cd3d-8b78-45f8-a1cb-199b5c9948c8&dp=%2F&trace_id=e1dcbc912ad14f2688a6e75d1926516d&cts=2024-11-18T09%3A21%3A08.624Z&hit_id=7d7fca41-e7bb-4470-ba51-bca309bc3940&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22sg2plzcpnl505992%22%2C%22dcenter%22%3A%22sg2%22%2C%22cp_id%22%3A%2210057233%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1798590504&z=1616321325&tce=1731921667731&tcs=1731921667716&tdc=1731921668610&tdclee=1731921668054&tdcles=1731921668054&tdi=1731921668052&tdl=1731921667754&tdle=1731921667715&tdls=1731921667707&tfs=1731921667706&tns=1731921667705&trqs=1731921667731&tre=1731921667751&trps=1731921667747&tles=1731921668611&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.215.7.18 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-215-7-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xg88palinghoki.icu/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://xg88palinghoki.icu
content-length: 43
x-xss-protection: 1; mode=block
date: Mon, 18 Nov 2024 09:21:08 GMT
content-type: image/gif
x-frame-options: DENY

GET favicon_7a23e3f6-2e72-4ab2-a053-f6772130468e_1729617294170.png
api2-xgs.imgnxb.com/images/XGS/ 0
0

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 205ms
203ms Fetch
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
Referer: https://xg88palinghoki.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: Bb4I3HLXvHcELHA=
x-envoy-upstream-service-time: 37
Pragma: no-cache
x-amzn-trace-id: Root=1-673b0705-7eaf936617caa3843b9402da
Connection: keep-alive
x-amzn-requestid: 184a6940-aec0-465c-a274-aef162801bf8
Expires: Mon, 18 Nov 2024 09:21:09 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 18 Nov 2024 09:21:09 GMT
Content-Type: application/json

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 193ms
191ms Fetch
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
Referer: https://xg88palinghoki.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: Bb4I3HduvHcEjPA=
x-envoy-upstream-service-time: 28
Pragma: no-cache
x-amzn-trace-id: Root=1-673b0705-79cab82d30ebd81e6780ced4
Connection: keep-alive
x-amzn-requestid: bc405f55-4c71-49c3-8f9f-14a7fbb9fbf7
Expires: Mon, 18 Nov 2024 09:21:09 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Mon, 18 Nov 2024 09:21:09 GMT
Content-Type: application/json

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 200ms
168ms Preflight
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://xg88palinghoki.icu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 18 Nov 2024 09:21:09 GMT
Expires: Mon, 18 Nov 2024 09:21:09 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: Bb4I1FcovHcEYEA=
x-amzn-requestid: d2bbc591-dcf1-4ed4-b0da-7a16832dc118
x-amzn-trace-id: Root=1-673b0704-2b810e85221b3b7424b29bb5
x-envoy-upstream-service-time: 6

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 209ms
178ms Preflight
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://xg88palinghoki.icu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Mon, 18 Nov 2024 09:21:09 GMT
Expires: Mon, 18 Nov 2024 09:21:09 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: Bb4I1HbwPHcEkgw=
x-amzn-requestid: 9f2a1a03-2bcd-4285-8de2-919e5178071a
x-amzn-trace-id: Root=1-673b0704-5b526b124bfc8073222bb97c
x-envoy-upstream-service-time: 4

GET id_cbd_377d1376-90c3-4c32-ac8a-c8584f0d54c9_1715713701143.jpeg
api2-xgs.imgnxb.com/images/XGS/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1723383221143.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1723383402353.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1723383337427.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//DANA_afca44fa-ce69-4b2a-8a4a-e5c84a0931f8_1723383046723.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//GOPAY_8f799285-06e0-4a2b-8201-710ec2a9a341_1723381993577.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1723383459177.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS//OVO_fb9f059e-e9c4-4689-8522-8c2af50e7d10_1723382191330.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS/favicon_7a23e3f6-2e72-4ab2-a053-f6772130468e_1729617294170.png

Domain: api2-xgs.imgnxb.com
URL: https://api2-xgs.imgnxb.com/images/XGS/id_cbd_377d1376-90c3-4c32-ac8a-c8584f0d54c9_1715713701143.jpeg

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xg88palinghoki.icu/	1970-01-21 09:50:57	Name: _tccl_visitor Value: 8ae4cd3d-8b78-45f8-a1cb-199b5c9948c8
.xg88palinghoki.icu/	1970-01-21 01:05:23	Name: _tccl_visit Value: 8ae4cd3d-8b78-45f8-a1cb-199b5c9948c8
.xg88palinghoki.icu/	1970-01-21 01:05:22	Name: _scc_session Value: pc=1&C_TOUCH=2024-11-18T09:21:07.983Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-xgs.imgnxb.com
cdn.ampproject.org
csp.secureserver.net
dsuown9evwz4y.cloudfront.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
iili.io
img1.wsimg.com
xg88palinghoki.icu
api2-xgs.imgnxb.com
104.21.235.70
104.26.2.54
118.139.180.107
13.35.226.75
142.251.10.95
172.253.118.132
23.215.7.18
23.50.93.75
23.52.40.171
74.125.24.94
00cf3daaaff0b71cfaf4078749b4376b1435f77b0056868ad4f8868648274e78
1203e1f32c86aa67ecffcaa2e4768471ef5beb5709746c0daaa7ced83fb885c3
1737651796767edb71fdc2232e60f4055a4d63e9a8da4e164af3adb897d85153
184c3da0ab4515c145911527798b440c9b166d3b7fb140911e36b293f4aaffdc
1b07c49de746084a404bf269f5a352d28732b5b2da9581505f96a591653cca33
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
1bb5692cfbae44f89236bf372e7469000e74b814f7f65713cfbec624ceb82bef
27f45c6011e18f4013c42ead9de439c71375350d01656fcb02ab32ce4c2ce08e
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2d31c18658456561394c9756f2a28f2c0ee4b3705bbdf5e3abbb1c662e02b334
344677023acdfa7a8a3e3cde4946db25c7edc2bb2fbd3175c90ca5f129baeae4
3459989be1ee95da26245875309b8a72f3db26b3678b15bc56febb2b0258059e
3c5528a08fa54b8f152431cc7074885de1b95756bb55ad5a5a30d568f62861d5
44d39af0fa955dcd5801e3c153e740f3da8e05bad60b01ece1e80a266f03b94d
44f042e3cc5a421530cea03d08309f0ed890ee700191b9788e9be3932929ccd0
4f684329ad10ece2378a8889d476366ef7d1c70c293caf8931ba9649f075b9e5
51af79192c3cb0031c4544a76511ba4cd770c4c3640fdf4f51ea44eaf3c0688b
51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
57a56b5bd4d4aef24bd77aa1529cd1c2fd929062cfc5736a3148037f0fc396ba
597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2
5d07509efcaa8be4a87f5405e7750e4df6d16949b293dd756abdcbaadda8bc58
5eadb4e3d0159cd2aef3d599d1418058b76c16b1ec128d357fe90679fe3b78c7
6ee3beb98bdd022f21a47aed20a9581e407810acc36bbb10e5614dc3a6c53298
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
7665da10ed48e0d5abf63a934dfeceb9a3dc7c90fec8e7e63c9eb247b999d7e7
7eaa1f6f233c41b4c32bcb79d37e77a815917ca8d393a9b65628fc1fd8a87ffc
84ebef090ee6a18e23d08d8775b5be026ec96c99cc84de358dc72f6b093ac59e
87c8eb0cb8c9de4c9c575796a4fce9c6148ce7581066525528f6ba6a39d95a08
8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81
8fec5c40678f728a2e3c9bb0472e0005318afba7a5c191889dafb8a1a48d50cc
90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f
952f2e4cba9a135244f121cc76732ec7e6d2e0cc5eac0ac6cec68dfac3771803
964f7bb35c026e16a7ce5fa5d325b3ac468578e5c6872fb2740f9ac3d0c1730b
9aef6b4c208784d5ad9124fc18af5f3383d372dd3c2b4b8ada59055de7cd95b2
9d8bb7b77045c72920ec18ec9b361b431b577a3ad47fff0376cb701fe1e4a507
9d9f9c92b8b844179b9afcd27b0c237d22492bc5f79641ade02eb8c37a28ee20
aa38ee12fa7ae1d3f1d5048dc2c9d1f74ec56fcc3333ba5668690e7523efbeca
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
b4167006d8b8fd64ae3c764a7a1716857875e96aa846709adbd785ca0c9d60ea
c2623d2498c15609bc6c50add85550824328728fc2cbf9cd0517d41e2f485ca0
c7be05de5cd63024a7511491cc1b9e41a805d47a945fe80152b0b0692007e003
c93f128a74f91554ced9bc0e9bea8afc896a315028bfb2ea6b615d58fe3e0607
d49acc006f808fdbc287e3c71099e95b80b5caee274b314e351b5ad9b74cc1d8
d4bfe175a79d1a5ac0ffb60e879d653a9a995f6fc372ea7063896806c326b36e
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dbb0a43a7e0ce59bd48cacbf629e93d674aaee0d8467b49c223f6780c5b884f6
dfb32282c4cafe2586dbdf56ecb3e72916d32850a9eec5ca47ec4b07c4c4f07c
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
edae7da94363ca1937514ed992de597515bfb6cf4c3e3147b73e7dedf7175946
f0cd479240a6d323c2bd347c4391f29ceffcd8d44f6c624e2511b637ab7e5191
f583910e1f6aadb95122357c08d69abd7b086abe03ef9d94ddf80d8479182a6e
f62d45f61a67d69edbed4fcda98712d07629dddaa5c2fedb7bb4bbcd4a6c875a
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

xg88palinghoki.icu Open in urlscan Pro 118.139.180.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

84 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

1476 kBTransfer

1936 kBSize

3 Cookies

99 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xg88palinghoki.icu Open in urlscan Pro
118.139.180.107 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

84 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1476 kB
Transfer

1936 kB
Size

3
Cookies

61 HTTP transactions
10 data transactions