URL: https://balsamgames.fun/
Submission: On October 20 via api from BE — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 47 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is balsamgames.fun.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.
This is the only time balsamgames.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 188.114.97.3 13335 (CLOUDFLAR...)
3 142.250.186.130 15169 (GOOGLE)
26 163.181.92.229 24429 (TAOBAO Zh...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 47.88.85.171 45102 (ALIBABA-C...)
1 188.114.96.3 13335 (CLOUDFLAR...)
47 6
Apex Domain
Subdomains
Transfer
26 relaxgamescdn.com
relaxgamescdn.com
451 KB
10 balsamgames.fun
balsamgames.fun
70 KB
6 dailyreadingnews.com
s.dailyreadingnews.com
311 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
181 KB
1 rookiegames.fun
game.rookiegames.fun
1 KB
1 stairsgame.com
api.stairsgame.com — Cisco Umbrella Rank: 881155
265 B
47 6
Domain Requested by
26 relaxgamescdn.com balsamgames.fun
10 balsamgames.fun balsamgames.fun
6 s.dailyreadingnews.com balsamgames.fun
3 securepubads.g.doubleclick.net balsamgames.fun
securepubads.g.doubleclick.net
1 game.rookiegames.fun balsamgames.fun
1 api.stairsgame.com balsamgames.fun
47 6

This site contains no links.

Subject Issuer Validity Valid
balsamgames.fun
WE1
2024-10-15 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
relaxgamescdn.com
Encryption Everywhere DV TLS CA - G2
2024-04-11 -
2025-04-10
a year crt.sh
ak.cdn-us.advlion.com
R10
2024-09-03 -
2024-12-02
3 months crt.sh
api.stairsgame.com
Encryption Everywhere DV TLS CA - G1
2023-08-03 -
2024-08-03
a year crt.sh
rookiegames.fun
WE1
2024-09-19 -
2024-12-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://balsamgames.fun/
Frame ID: 54C19EEC163B2B8A2580BC530E8FE54D
Requests: 47 HTTP requests in this frame

Screenshot

Page Title

Funny Game Joy

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

1014 kB
Transfer

1538 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
balsamgames.fun/
31 KB
10 KB
Document
General
Full URL
https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c10553e17aea4baff30a11715624d2721c711294b85d5a46999ef623dd2c99c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d580dbd0ab09702-AMS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 20 Oct 2024 09:41:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A37PLNxF9KDiojvLZwvxk%2BHytJ834qc%2BqzqRAjn79qvC5tze0LsoI8SF0t52e5LS%2B9gW5UF9RArQ6bqgJ4jXo%2FnlX3xqeSBWkNXYGTRI99N41CxvBW0UHefq8oQWGtrKP5Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16539&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4213&recv_bytes=4533&delivery_rate=680&cwnd=12000&unsent_bytes=0&cid=6c6fd05231a453f9&ts=420&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
jquery-2.1.1.min.js
balsamgames.fun/static/template15/js/
155 KB
36 KB
Script
General
Full URL
https://balsamgames.fun/static/template15/js/jquery-2.1.1.min.js
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a9a954bc1a5d2291d26abc90293ac86b9e97a8d85cb48f4935ca257ca6e453

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-26b91"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mj%2FWVrKAvboKp4e2ZtmRwmlupHPCBEpq6U1EgkMrRUn1DPFY7%2BPXZgdQZlpHUu1gc%2BmgqMp3oOpWcSh%2FaadtRS7RyM0urdHKi13YazahwLCDSyqqKo%2FLAXOeg%2F10kdNGgNk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dbf2dee9702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16168&sent=32&recv=24&lost=0&retrans=0&sent_bytes=19753&recv_bytes=6501&delivery_rate=5957&cwnd=12000&unsent_bytes=0&cid=6c6fd05231a453f9&ts=896&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=1,i=?0
util.js
balsamgames.fun/static/template15/js/
7 KB
3 KB
Script
General
Full URL
https://balsamgames.fun/static/template15/js/util.js
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70010b404d0c42439e86dcf39d18d46e9bce5ec84ebb943769f75d7f3684a65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-1b26"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LKr7s6zEATorf4ApDjrVASnL7KiCTt7v%2FKvTlwSnfNnlbFHqKsH9VqTqzANT0hAL2AQNRC4GXwnl4CL5g%2BL1wUGdNeOY8NKXqXzaOJVQRAcX9cwQvmtBjxrrUkbT7gUz4g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dbf2df29702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16520&sent=26&recv=20&lost=0&retrans=0&sent_bytes=15508&recv_bytes=6013&delivery_rate=610384&cwnd=12000&unsent_bytes=0&cid=6c6fd05231a453f9&ts=742&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=1,i=?0
reported.js
balsamgames.fun/static/general/
980 B
1 KB
Script
General
Full URL
https://balsamgames.fun/static/general/reported.js
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c1f22720da8fabafb5725f58f090846aa1a34dcc1325442e9799fb34d189ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-3d4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx8kPjzN7NLADpel7cMR%2F%2F8thJX8J2qDJ9yvhP8wPhFoS0bPJBZf%2Brgl1xaxJgUTjkHi6cuicaDx44j%2ForSyZ3yiZVAeWuAQGojV4EiiReg2SYaJZSRMVjXfPGuhj7dOgDs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dbf2df39702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16338&sent=29&recv=22&lost=0&retrans=0&sent_bytes=18463&recv_bytes=6099&delivery_rate=11959&cwnd=12000&unsent_bytes=0&cid=6c6fd05231a453f9&ts=758&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=1,i=?0
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
06045155ebe3a0a976a6edf9d08d55301041f024159f2eb995be022216a21d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

content-encoding
br
etag
509 / 20016 / 31088109 / config-hash: 11692946538183363636
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 09:41:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33341
x-xss-protection
0
server
cafe
more_2.png
balsamgames.fun/static/template15/img/
490 B
1 KB
Image
General
Full URL
https://balsamgames.fun/static/template15/img/more_2.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871a26e696b4878e8d4160dcfaf8ce199bb4d1f237af207f1cdb0b309b02ca88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-1ea"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcY%2BTC4G9I%2Bf0mfbBCvF2CFlj9FwQgrzWO9Hg2u8gx%2BESQ0bUnETg%2BVjC0VJtWuup%2B8CSkrBoZJGrD7MEWiOqSLl4i6daR4%2FqejybCtzcyUmANNZSNxUh0suH%2B%2Flvo4dm%2F8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dbf2df69702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16520&sent=24&recv=20&lost=0&retrans=0&sent_bytes=14257&recv_bytes=6013&delivery_rate=610384&cwnd=12000&unsent_bytes=0&cid=6c6fd05231a453f9&ts=742&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=2,i
10742.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
26 KB
27 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10742.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
58523800a89d89ff7117ff87c70dcb6974495e401630bbc4803dea1b6127b5b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
eGTKiRDOsCoszG7dnG0xoA==
x-oss-storage-class
Standard
ETag
"7864CA8910CEB02A2CCC6EDD9C6D31A0"
Age
664364
x-oss-object-type
Normal
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
Date
Sat, 12 Oct 2024 17:08:59 GMT
x-oss-server-time
96
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:25:47 GMT
X-Swift-CacheTime
2592000
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13349901270894519631
Connection
keep-alive
Via
ens-cache14.l2de3[486,486,304-0,H], ens-cache14.l2de3[489,0], ens-cache5.de5[0,0,200-0,H], ens-cache10.de5[1,0]
Ali-Swift-Global-Savetime
1728752939
X-Swift-SaveTime
Sat, 12 Oct 2024 17:08:59 GMT
Accept-Ranges
bytes
EagleId
a3b55c9e17294173039717174e
Content-Length
26886
x-oss-request-id
670AAD2A9EAA1A393851FC02
Server
Tengine
play.svg
balsamgames.fun/static/general/
1 KB
1 KB
Image
General
Full URL
https://balsamgames.fun/static/general/play.svg
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8cbc01f1655b17e3e22cf229781baf7b519d650cdb80ad4e171adb1613685c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"67077cc4-4a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ic75zWiUjjTNW2eLLBjRieDYPRSiI1eQg86xy%2F9Day6p1ruwwohHvJL3fySXcRt919jUj%2FUa9kncdlM2BmlBRdF0X2PAKrCdnYJyuIp7J51TAicXKnLqIll2oddAPBSkHlU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc118629702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16784&sent=65&recv=43&lost=0&retrans=0&sent_bytes=57801&recv_bytes=8241&delivery_rate=1479737&cwnd=26400&unsent_bytes=0&cid=6c6fd05231a453f9&ts=1072&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=2,i
10739.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
24 KB
25 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10739.jpg
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f183146080901b251bd6b924636a4749e2f8a0cfcb483a80ee084c5f07dd44dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
i79AbpEl/tgrLZj6S2vTLw==
x-oss-storage-class
Standard
ETag
"8BBF406E9125FED82B2D98FA4B6BD32F"
Age
664364
x-oss-object-type
Normal
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
Date
Sat, 12 Oct 2024 17:08:59 GMT
x-oss-server-time
88
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:25:39 GMT
X-Swift-CacheTime
2487708
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
17711701023248978194
Connection
keep-alive
Via
ens-cache9.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache4.de5[2,0]
Ali-Swift-Global-Savetime
1728752939
X-Swift-SaveTime
Sun, 13 Oct 2024 22:07:11 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173039667995e
Content-Length
24582
x-oss-request-id
670AAD2A9979C73836B741D4
Server
Tengine
10842.png
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
24 KB
25 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/10842.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c945f0237a45393ae61863864911538b4f94c87d6d751b6281082f19ba8b091c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
e7CIVRS+DENuvgmmsAj7rA==
x-oss-storage-class
Standard
ETag
"7BB0885514BE0C436EBE09A6B008FBAC"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
18
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:22:58 GMT
x-oss-hash-crc64ecma
3626113292358622939
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
24872
x-oss-request-id
671454989191FB3033FEACDC
Server
AliyunOSS
11158.jpg
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
13 KB
13 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11158.jpg
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d7d462c2900ebf8d1e6bfef6387d1d367c560febebc21fae3a0d5abff9d9ce90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
uGfQk7Jn8DAfV1o3tqM+/g==
x-oss-storage-class
Standard
ETag
"B867D093B267F0301F575A37B6A33EFE"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
28
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 12:09:04 GMT
x-oss-hash-crc64ecma
4394788314293398675
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
13111
x-oss-request-id
670A83F5B6DE1D3436C3EB07
Server
AliyunOSS
to_top.3185312a.png
balsamgames.fun/static/template15/img/
4 KB
4 KB
Image
General
Full URL
https://balsamgames.fun/static/template15/img/to_top.3185312a.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18b2d1e4f1b4c0163721486d60819bc1f5e60b387471839431544f2e98bf88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-e08"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQFNmllfkk1tu%2FJGZeZ9Bi5KS4V8cSoaUJSTzeNqRDaQdr%2BvVhtEdR3sP4FIljZ2GH5s8%2BneYRdVRsWyQxMF1siq1hrpnaolHtq3YdqE%2FOWvUFPNZpWiPqz19jKN8mFfz5Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc26acf9702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16614&sent=67&recv=44&lost=0&retrans=0&sent_bytes=59131&recv_bytes=8284&delivery_rate=11316&cwnd=26400&unsent_bytes=0&cid=6c6fd05231a453f9&ts=1263&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=3,i
search2.png
balsamgames.fun/static/template15/img/
2 KB
2 KB
Image
General
Full URL
https://balsamgames.fun/static/template15/img/search2.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23074cc2de46f5a20c074f40b082d4ad590de7c717336b3f2c4583b7750e6c27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-76b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9JTXtdzmCiOE69uFmgKhVmlPbyV%2BkB2i1cVd%2B%2BEQL%2FhKukCnaoQFI7hFOL64mxt9YREUvloeX6jOPh%2BqG8ksd4YYpypE9RncWuz4iPsvHGBskbgMowNwDE3EVmdHLbe8eU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc26ad19702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16614&sent=78&recv=44&lost=0&retrans=0&sent_bytes=70866&recv_bytes=8284&delivery_rate=11316&cwnd=26400&unsent_bytes=0&cid=6c6fd05231a453f9&ts=1274&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=3,i
sa
api.stairsgame.com/api/v1/
26 B
265 B
XHR
General
Full URL
https://api.stairsgame.com/api/v1/sa?act=app&domain=balsamgames.fun
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/static/template15/js/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.85.171 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
201df368b8d97e519c4b5a06aa451d728d689cdba91ebde36422a444e78a3b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer
https://balsamgames.fun/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Sun, 20 Oct 2024 09:41:44 GMT
Content-Type
application/json
Server
openresty/1.15.8.3
Connection
close
Access-Control-Allow-Headers
*
bj.png
balsamgames.fun/static/template30/
8 KB
7 KB
Image
General
Full URL
https://balsamgames.fun/static/template30/bj.png
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a862baad5b19dd4c26d3765f026ce10db48bcd368e30cb33a32c62d7b1abef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-1e90"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NbJcovy8IP7paAXKmkucxHbpqwM5GPiavdrFduRRbn7WsHOQ6jDDhgx0OLDEDWkH87VE86BsZLpuwNJOcuMk1qjcFIkgW0S8K35ilVwZj3ypOabPWTE%2Fe4HC2Ks3pBlHME%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc26ad29702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16614&sent=71&recv=44&lost=0&retrans=0&sent_bytes=63531&recv_bytes=8284&delivery_rate=11316&cwnd=26400&unsent_bytes=0&cid=6c6fd05231a453f9&ts=1272&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=3,i
11146_1.webp
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
59 KB
59 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11146_1.webp
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
05e695e9d067b73c076daa055053c9ad5247f86e30a5d11fe576fa37423ad1c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
V4GInxTv6ycdt3gTYCN9Jw==
x-oss-storage-class
Standard
ETag
"5781889F14EFEB271DB7781360237D27"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
2
Content-Type
image/webp
Last-Modified
Tue, 27 Aug 2024 12:09:36 GMT
x-oss-hash-crc64ecma
3369058530515163535
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
60204
x-oss-request-id
670A83F5CB42C438396C443D
Server
AliyunOSS
11143_1.webp
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
64 KB
65 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11143_1.webp
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
916ec7bb5618fac1e1f8e13dee2214f0e4f64f6cc59fd1d854c45d72c40cd832

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
BU8ANr2Ht1Ftw5AD6g0aaA==
x-oss-storage-class
Standard
ETag
"054F0036BD87B7516DC39003EA0D1A68"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
1
Content-Type
image/webp
Last-Modified
Tue, 27 Aug 2024 12:10:05 GMT
x-oss-hash-crc64ecma
8570719456834911718
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
65816
x-oss-request-id
670A83F79EAA1A3036D64286
Server
AliyunOSS
11307_1.webp
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
54 KB
55 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11307_1.webp
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2b3b7f52686a130742537b7968f6f2d3ebb1b9683aab76edfad7e65a9b3ca123

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
TbJmQxpwAHUbVSQG/8x/aQ==
x-oss-storage-class
Standard
ETag
"4DB266431A7000751B552406FFCC7F69"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
1
Content-Type
image/webp
Last-Modified
Tue, 27 Aug 2024 11:59:15 GMT
x-oss-hash-crc64ecma
3770226032957634789
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
55544
x-oss-request-id
670A83F6E2741F33357C8708
Server
AliyunOSS
11145_1.webp
s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/
93 KB
93 KB
Image
General
Full URL
https://s.dailyreadingnews.com/app/t2/game/img/game9hub/small3/11145_1.webp
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a30159b5222d9eadd8e19cd319cbac54e35462f0886b714298ca310bf7711ebb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
wpPg0eG5I6vuwKuEF+vJAw==
x-oss-storage-class
Standard
ETag
"C293E0D1E1B923ABEEC0AB8417EBC903"
x-oss-object-type
Normal
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Date
Sun, 20 Oct 2024 09:41:44 GMT
x-oss-server-time
1
Content-Type
image/webp
Last-Modified
Tue, 27 Aug 2024 12:09:44 GMT
x-oss-hash-crc64ecma
17541414746092948160
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
94770
x-oss-request-id
670BBCEAD56104393881E17E
Server
AliyunOSS
game
game.rookiegames.fun/api/v8/
6 KB
1 KB
XHR
General
Full URL
https://game.rookiegames.fun/api/v8/game?domain=balsamgames.fun&chid=100&page=19
Requested by
Host: balsamgames.fun
URL: https://balsamgames.fun/static/template15/js/jquery-2.1.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd3d1f5770e437a14347ea07932a09f9f33ccb924579c7e5108fb213bfb6988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Referer
https://balsamgames.fun/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL1Nm0NjcjzOgSvBCn9UU%2BpoADjgfJKD0pAkieejKdVeIMmdMk%2FLyjw3HDgBoltLOhY20Xz3RB6R4yGXvOlQzzg%2B1M%2FkWNoBoccsRH4tfnwZ1uUIPxQHM2avhn53o3bvnb%2BdnojxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc2ea9296f8-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16778&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4155&recv_bytes=4447&delivery_rate=643&cwnd=12000&unsent_bytes=0&cid=4314a8086b3deab9&ts=351&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:43 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
access-control-allow-headers
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/
478 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410150101/pubads_impl.js?cb=31088109
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

content-encoding
br
etag
8653127067744972146
age
85223
x-content-type-options
nosniff
expires
Sun, 19 Oct 2025 10:01:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 19 Oct 2024 10:01:20 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
151948
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
63 B
71 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=balsamgames.fun
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b5d368fb07267f9865b0e45d78329e30f457d1a46f38d3c162832fd294bd33f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 09:41:43 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
47
date
Sun, 20 Oct 2024 09:41:43 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
icon2.png
balsamgames.fun/static/template15/img/
4 KB
5 KB
Other
General
Full URL
https://balsamgames.fun/static/template15/img/icon2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b7e663465f1883339dc7c03ff4e572033faf6c4efd52f367a3076351633de1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

server
cloudflare
cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
BYPASS
etag
W/"67077cc4-f9a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9yIRENic6A3XHFVUuh83qVcdfnSBKicyRzYQxL9b0ILawXwd%2BnFS6r0ZiWQPhU%2BnpOGMXc4tkpL0l%2BW5wy5rYz3LLjUpcbzIRU19ozCLONi6rjYEBAgF4T7Hg7jd1RJhvM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d580dc80aaa9702-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16948&sent=81&recv=52&lost=0&retrans=0&sent_bytes=73273&recv_bytes=8949&delivery_rate=896679&cwnd=26400&unsent_bytes=0&cid=6c6fd05231a453f9&ts=2168&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 09:41:44 GMT
content-type
image/png
last-modified
Thu, 10 Oct 2024 07:05:40 GMT
vary
Accept-Encoding
priority
u=1,i
10823.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10823.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8ea7e0353259a8c7a20ae7f49ad58f7c045da2b91e7fc60ec462f521fcf60026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
2J+75LFGeSBAXHRpxxI3ww==
x-oss-storage-class
Standard
ETag
"D89FBBE4B1467920405C7469C71237C3"
Age
1740973
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:758905532
Date
Mon, 30 Sep 2024 06:05:31 GMT
x-oss-server-time
63
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:11 GMT
X-Swift-CacheTime
1312596
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
1485335631947395389
Connection
keep-alive
Via
ens-cache5.l2de3[0,0,200-0,H], ens-cache1.l2de3[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache4.de5[2,0]
Ali-Swift-Global-Savetime
1727676331
X-Swift-SaveTime
Tue, 15 Oct 2024 01:28:55 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173045453151e
Content-Length
15170
x-oss-request-id
66FA3FAB90AF513132BF27C7
Server
Tengine
10822.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
7 KB
8 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10822.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c7a555237ed1b056eaf87a2b6b149e3e509ae9edbedb5b60d0ffd56c8ac07509

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
zsFuLEtQRfBtHz/tilgvUQ==
x-oss-storage-class
Standard
ETag
"CEC16E2C4B5045F06D1F3FED8A582F51"
Age
539098
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:373263084
Date
Mon, 14 Oct 2024 03:56:45 GMT
x-oss-server-time
13
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:23:10 GMT
X-Swift-CacheTime
2070534
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
6992482707753737337
Connection
keep-alive
Via
ens-cache17.l2de3[0,0,200-0,H], ens-cache18.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache10.de5[2,0]
Ali-Swift-Global-Savetime
1728878206
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9e17294173045522264e
Content-Length
7639
x-oss-request-id
670C967D9EAA1A3739942899
Server
Tengine
10821.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
19 KB
19 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10821.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2de5bf4ca944e6afa3e53c22c5301d9a8a686df91054328fd0a8148e67d333e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
uoTT67n9o+32tMioxkc7ew==
x-oss-storage-class
Standard
ETag
"BA84D3EBB9FDA3EDF6B4C8A8C6473B7B"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:789472931
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
129
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:09 GMT
X-Swift-CacheTime
1312595
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
5729342979671817336
Connection
keep-alive
Via
ens-cache1.l2de3[0,0,200-0,H], ens-cache14.l2de3[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache4.de5[1,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Tue, 15 Oct 2024 01:28:55 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173045763349e
Content-Length
19075
x-oss-request-id
66FA3FA9342C483931F1B604
Server
Tengine
10820.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
17 KB
17 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10820.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
259b80ab4e64ed40cb05c75a8ac556d3d06859165a298f70c16247ee370ffe45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
oEjSgUlRLgx5SuDEpQUvZQ==
x-oss-storage-class
Standard
ETag
"A048D28149512E0C794AE0C4A5052F65"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:573960340
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
119
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:11 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
6593779466393357529
Connection
keep-alive
Via
ens-cache12.l2de3[0,0,200-0,H], ens-cache4.l2de3[1,0], ens-cache13.de5[0,11,200-0,H], ens-cache10.de5[55,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9e17294173045802416e
Content-Length
16998
x-oss-request-id
66FA3FAACB42C43133A91F66
Server
Tengine
10819.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
17 KB
17 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10819.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7ac771730442ba364d3cd3af4f94195521a44cce68e32794c2464db272f4b8e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
EuGrqs8pu8D8lBSLo57R/Q==
x-oss-storage-class
Standard
ETag
"12E1ABAACF29BBC0FC94148BA39ED1FD"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:497750061
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
389
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:11 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
17502851180862183922
Connection
keep-alive
Via
ens-cache16.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache7.de5[6,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9b17294173045871736e
Content-Length
17065
x-oss-request-id
66FA3FAA91795F37383E35F4
Server
Tengine
10818.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10818.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5a69bc69149ba79997cc39226645fc50799b48495c791601668a1f6664d8fea4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
8f6yxHAqe6QbWR21z2ubyQ==
x-oss-storage-class
Standard
ETag
"F1FEB2C4702A7BA41B591DB5CF6B9BC9"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:573960265
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
56
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:23:12 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
7882067427506890501
Connection
keep-alive
Via
ens-cache4.l2de3[0,0,200-0,H], ens-cache12.l2de3[1,0], ens-cache13.de5[0,1,200-0,H], ens-cache13.de5[139,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55ca117294173045921841e
Content-Length
15364
x-oss-request-id
66FA3FA99EAA1A3335CB0DB0
Server
Tengine
10817.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
11 KB
12 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10817.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
565a0ae3eb00724ae2b213f4a15b5bfae32e417a49a628227932e9d3e025c8b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
GfR483Cf9F+XWCxerTtoCg==
x-oss-storage-class
Standard
ETag
"19F478F3709FF45F97582C5EAD3B680A"
Age
539098
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:675930515
Date
Mon, 14 Oct 2024 03:56:46 GMT
x-oss-server-time
28
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:13 GMT
X-Swift-CacheTime
2546149
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
4174914522510125577
Connection
keep-alive
Via
ens-cache1.l2de3[0,0,200-0,H], ens-cache1.l2de3[1,0], ens-cache13.de5[0,0,200-0,H], ens-cache8.de5[34,0]
Ali-Swift-Global-Savetime
1728878206
X-Swift-SaveTime
Mon, 14 Oct 2024 16:40:57 GMT
Accept-Ranges
bytes
EagleId
a3b55c9c17294173045898609e
Content-Length
11458
x-oss-request-id
670C967E90AF513730254DA2
Server
Tengine
10816.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
18 KB
19 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10816.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
659128ef9f4f5c40d00761f01fdbf9ca31744e2d09a37a0200556220de7ba9d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
8zMm4tDYh0mHZQxZb/hTmQ==
x-oss-storage-class
Standard
ETag
"F33326E2D0D8874987650C596FF85399"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:497750055
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
87
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:12 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
16794747595521206765
Connection
keep-alive
Via
ens-cache2.l2de3[0,0,200-0,H], ens-cache10.l2de3[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache11.de5[6,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9f17294173045937124e
Content-Length
18189
x-oss-request-id
66FA3FAAC3F2453130536086
Server
Tengine
10815.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
17 KB
18 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10815.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
64747ea91bca99f338281893be79b2b52260a558369929df4e9126ebbf1ba877

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
bUrpjogX+6Tz332qrydgng==
x-oss-storage-class
Standard
ETag
"6D4AE98E8817FBA4F3DF7DAAAF27609E"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:373262991
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
49
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:13 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
978631636365532644
Connection
keep-alive
Via
ens-cache11.l2de3[0,0,200-0,H], ens-cache9.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache4.de5[4,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173046043515e
Content-Length
17863
x-oss-request-id
66FA3FAAE901193431A3574F
Server
Tengine
10814.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
14 KB
15 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10814.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5140db25afd93c3a3fcc2e9878309bd55399045069f25d6d698337afbef81d01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
KwIF6pmcfmtHNDf1nyOcbQ==
x-oss-storage-class
Standard
ETag
"2B0205EA999C7E6B473437F59F239C6D"
Age
1740974
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:862013447
Date
Mon, 30 Sep 2024 06:05:30 GMT
x-oss-server-time
70
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:14 GMT
X-Swift-CacheTime
868658
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
10303776878696963147
Connection
keep-alive
Via
ens-cache5.l2de3[0,0,200-0,H], ens-cache18.l2de3[1,0], ens-cache3.de5[0,2,200-0,H], ens-cache7.de5[4,0]
Ali-Swift-Global-Savetime
1727676330
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9b17294173046271946e
Content-Length
14778
x-oss-request-id
66FA3FAA2CAF363835648E3D
Server
Tengine
10813.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
15 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10813.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e1db9e599dbf1f8d852128cce1958062ccdcde45dea9915da378550fae35f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
eEobK90LRkoAy7f6m3iz1g==
x-oss-storage-class
Standard
ETag
"784A1B2BDD0B464A00CBB7FA9B78B3D6"
Age
1740971
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:376355020
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
109
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:16 GMT
X-Swift-CacheTime
1312597
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
11413302371805766943
Connection
keep-alive
Via
ens-cache17.l2de3[0,0,200-0,H], ens-cache6.l2de3[1,0], ens-cache6.de5[0,3,200-0,H], ens-cache4.de5[5,0]
Ali-Swift-Global-Savetime
1727676333
X-Swift-SaveTime
Tue, 15 Oct 2024 01:28:56 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173046333634e
Content-Length
14908
x-oss-request-id
66FA3FAD91795F32372649F4
Server
Tengine
10812.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10812.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e1de5e57d1d00a073208fccf9ce093d94eed60c516b88d0acc557d76818b8d27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
nOdtSWxRh+8xEZB9kD40jw==
x-oss-storage-class
Standard
ETag
"9CE76D496C5187EF3111907D903E348F"
Age
1740971
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:764246511
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
91
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:15 GMT
X-Swift-CacheTime
868661
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
9274505519145884436
Connection
keep-alive
Via
ens-cache7.l2de3[0,0,200-0,H], ens-cache7.l2de3[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache11.de5[3,0]
Ali-Swift-Global-Savetime
1727676333
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9f17294173046367377e
Content-Length
15437
x-oss-request-id
66FA3FADB6DE1D323648FE1C
Server
Tengine
10811.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
16 KB
17 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10811.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7da6c6451df66012e898209a84777e9ef9903caca01499d8bead3265801ec407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
KY9ANqtJ010sI7FvIx5c3Q==
x-oss-storage-class
Standard
ETag
"298F4036AB49D35D2C23B16F231E5CDD"
Age
1740973
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:764246506
Date
Mon, 30 Sep 2024 06:05:31 GMT
x-oss-server-time
86
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:13 GMT
X-Swift-CacheTime
868659
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
6987437342535587764
Connection
keep-alive
Via
ens-cache18.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache10.de5[2,0]
Ali-Swift-Global-Savetime
1727676331
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9e17294173046632884e
Content-Length
16436
x-oss-request-id
66FA3FAB342C4833325ABE04
Server
Tengine
10810.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
16 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10810.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
139443c9d22cdb9a852adf083181e565bfe1bc002dbe1c053a6ab53dd4ebac67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
6yU1dzCFD7pwG85AvZ6eYw==
x-oss-storage-class
Standard
ETag
"EB25357730850FBA701BCE40BD9E9E63"
Age
1740973
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:751776989
Date
Mon, 30 Sep 2024 06:05:31 GMT
x-oss-server-time
94
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:16 GMT
X-Swift-CacheTime
868659
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
3345740054914800031
Connection
keep-alive
Via
ens-cache3.l2de3[0,7,200-0,H], ens-cache12.l2de3[8,0], ens-cache12.de5[0,0,200-0,H], ens-cache8.de5[4,0]
Ali-Swift-Global-Savetime
1727676331
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9c17294173046568988e
Content-Length
16043
x-oss-request-id
66FA3FABC3F24533321B6786
Server
Tengine
10809.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10809.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
65ae907fed4f5d45e1930f4d35efde1d9fea725d900482189722938b2c2e104a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
i5pd9A9Rqy4/EmjY4yPlpg==
x-oss-storage-class
Standard
ETag
"8B9A5DF40F51AB2E3F1268D8E323E5A6"
Age
1740973
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:401185062
Date
Mon, 30 Sep 2024 06:05:31 GMT
x-oss-server-time
116
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:23:14 GMT
X-Swift-CacheTime
868659
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
7080715688660765122
Connection
keep-alive
Via
ens-cache10.l2de3[0,0,200-0,H], ens-cache14.l2de3[2,0], ens-cache1.de5[0,0,200-0,H], ens-cache7.de5[1,0]
Ali-Swift-Global-Savetime
1727676331
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9b17294173046592117e
Content-Length
15220
x-oss-request-id
66FA3FAB9979C73232538E77
Server
Tengine
10808.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
14 KB
15 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10808.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ef0f0cdee845f8a54609d899b279cd524ee8fafd5621241e43aee9f4c9acd284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
PpudGXMC/aR4OXClEyhmMA==
x-oss-storage-class
Standard
ETag
"3E9B9D197302FDA4783970A513286630"
Age
1740970
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:497753610
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
100
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:20 GMT
X-Swift-CacheTime
868662
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
8417149967745113095
Connection
keep-alive
Via
ens-cache5.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache4.de5[7,0]
Ali-Swift-Global-Savetime
1727676334
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173046643793e
Content-Length
14647
x-oss-request-id
66FA3FAD2CAF363639FAA13D
Server
Tengine
10807.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
13 KB
14 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10807.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8a52a2fb51a813a676579bb911515b48a3cfc04a541c7c5ec2e26d1ed5490a51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
Ni0anBRFbF2LSfE8ZCGgJg==
x-oss-storage-class
Standard
ETag
"362D1A9C14456C5D8B49F13C6421A026"
Age
539097
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:862016282
Date
Mon, 14 Oct 2024 03:56:47 GMT
x-oss-server-time
27
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:19 GMT
X-Swift-CacheTime
2070535
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
3096011536205392332
Connection
keep-alive
Via
ens-cache3.l2de3[0,0,200-0,H], ens-cache2.l2de3[2,0], ens-cache3.de5[0,1,200-0,H], ens-cache11.de5[6,0]
Ali-Swift-Global-Savetime
1728878207
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9f17294173046677533e
Content-Length
13109
x-oss-request-id
670C967F76EC4B3731531D6C
Server
Tengine
10806.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10806.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
22f6c15050870b9a5fe25d434ada68218790b2e5cedfd90fae0e270a4d19bed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
7t0uXjwyk2CjyxF2p5A2Iw==
x-oss-storage-class
Standard
ETag
"EEDD2E5E3C329360A3CB1176A7903623"
Age
1740972
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:573963643
Date
Mon, 30 Sep 2024 06:05:32 GMT
x-oss-server-time
98
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:17 GMT
X-Swift-CacheTime
868660
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
18243217926193195319
Connection
keep-alive
Via
ens-cache18.l2de3[0,0,200-0,H], ens-cache16.l2de3[2,0], ens-cache13.de5[0,1,200-0,H], ens-cache10.de5[15,0]
Ali-Swift-Global-Savetime
1727676332
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9e17294173046923050e
Content-Length
15539
x-oss-request-id
66FA3FAC342C48333237C404
Server
Tengine
10805.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
17 KB
17 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10805.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9587b49ec921aac7dc8adb7f380abba874efcf8d3a7c507585a1201886962295

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
jlzZAA7tAJWa752GXU7clQ==
x-oss-storage-class
Standard
ETag
"8E5CD9000EED00959AEF9D865D4EDC95"
Age
1740972
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:618259745
Date
Mon, 30 Sep 2024 06:05:32 GMT
x-oss-server-time
77
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:18 GMT
X-Swift-CacheTime
868660
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
8885335601003171525
Connection
keep-alive
Via
ens-cache6.l2de3[0,0,200-0,H], ens-cache3.l2de3[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache7.de5[1,0]
Ali-Swift-Global-Savetime
1727676332
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9b17294173046872253e
Content-Length
17107
x-oss-request-id
66FA3FACE2741F343972E126
Server
Tengine
10804.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
20 KB
21 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10804.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
dffd4760cb5e3959761d757811ba2afe436c990facc665412d944eb96fbceac9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
iuvKC8efB1EoZhaKWXj1Tw==
x-oss-storage-class
Standard
ETag
"8AEBCA0BC79F07512866168A5978F54F"
Age
1740972
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:327922961
Date
Mon, 30 Sep 2024 06:05:32 GMT
x-oss-server-time
48
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:19 GMT
X-Swift-CacheTime
1312596
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
1422923493537326573
Connection
keep-alive
Via
ens-cache6.l2de3[0,0,200-0,H], ens-cache6.l2de3[1,0], ens-cache6.de5[0,4,200-0,H], ens-cache8.de5[2,0]
Ali-Swift-Global-Savetime
1727676332
X-Swift-SaveTime
Tue, 15 Oct 2024 01:28:56 GMT
Accept-Ranges
bytes
EagleId
a3b55c9c17294173046871150e
Content-Length
20369
x-oss-request-id
66FA3FACC3F2453332C46D86
Server
Tengine
10803.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
21 KB
22 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10803.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
56eed42688868b91629802e3093a6d8f8313e40f504c1db8aafdf258edec8009

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
pbVsNn8iL0sui+cniYPW/w==
x-oss-storage-class
Standard
ETag
"A5B56C367F222F4B2E8BE7278983D6FF"
Age
1740972
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:373265948
Date
Mon, 30 Sep 2024 06:05:32 GMT
x-oss-server-time
47
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:23:22 GMT
X-Swift-CacheTime
868660
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
7257554513869793718
Connection
keep-alive
Via
ens-cache8.l2de3[0,0,200-0,H], ens-cache14.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache4.de5[2,0]
Ali-Swift-Global-Savetime
1727676332
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9817294173046983954e
Content-Length
21909
x-oss-request-id
66FA3FACE2741F3339E5E026
Server
Tengine
10802.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
20 KB
21 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10802.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8112ac4698641dfa9a37ba601ab8323c9b807252e524b2f5e5d3aa24670d26d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
5D9p9yI0bap+YbZYNjiQTg==
x-oss-storage-class
Standard
ETag
"E43F69F722346DAA7E61B6583638904E"
Age
1740971
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:427354956
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
106
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:26 GMT
X-Swift-CacheTime
868661
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
14517113802615084467
Connection
keep-alive
Via
ens-cache15.l2de3[0,0,200-0,H], ens-cache18.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache11.de5[2,0]
Ali-Swift-Global-Savetime
1727676333
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9f17294173046987702e
Content-Length
20467
x-oss-request-id
66FA3FADCB42C438398C3266
Server
Tengine
10801.png
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
15 KB
16 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10801.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1a066a782212df63b1b23a6351e68dc08958c93bcd071480129d72167e66ffb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
PRCvvz9dhfhyAlxshu5mqQ==
x-oss-storage-class
Standard
ETag
"3D10AFBF3F5D85F872025C6C86EE66A9"
Age
1740971
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:105103370
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
25
Content-Type
image/png
Last-Modified
Tue, 27 Aug 2024 11:23:21 GMT
X-Swift-CacheTime
868661
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
345558406186902280
Connection
keep-alive
Via
ens-cache4.l2de3[0,48,200-0,H], ens-cache8.l2de3[49,0], ens-cache3.de5[0,0,200-0,H], ens-cache7.de5[1,0]
Ali-Swift-Global-Savetime
1727676333
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9b17294173047152403e
Content-Length
15437
x-oss-request-id
66FA3FAD76EC4B38301A9574
Server
Tengine
10800.jpg
relaxgamescdn.com/app/t2/game/img/game9hub/small3/
19 KB
19 KB
Image
General
Full URL
https://relaxgamescdn.com/app/t2/game/img/game9hub/small3/10800.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cece7454f836ecc803472bb24c9f0dcbaa3840970f573c281addf1082eef9fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://balsamgames.fun/

Response headers

Content-MD5
TlD8x7t//YC6NJvmrGmwbQ==
x-oss-storage-class
Standard
ETag
"4E50FCC7BB7FFD80BA349BE6AC69B06D"
Age
1740971
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:525312156
Date
Mon, 30 Sep 2024 06:05:33 GMT
x-oss-server-time
47
Content-Type
image/jpeg
Last-Modified
Tue, 27 Aug 2024 11:23:24 GMT
X-Swift-CacheTime
868661
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
8431720899684185650
Connection
keep-alive
Via
ens-cache10.l2de3[0,0,200-0,H], ens-cache3.l2de3[3,0], ens-cache7.de5[0,0,200-0,H], ens-cache8.de5[2,0]
Ali-Swift-Global-Savetime
1727676333
X-Swift-SaveTime
Sun, 20 Oct 2024 04:47:52 GMT
Accept-Ranges
bytes
EagleId
a3b55c9c17294173047151308e
Content-Length
18947
x-oss-request-id
66FA3FAD9979C733346C9877
Server
Tengine

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| lazyload object| IframeOnClick object| sessionStore boolean| popIsShow function| getQueryString function| getGameList function| renderNav function| selectFrom function| reported function| getQuery function| defineGameManualInterstitialSlot function| resumeGame function| printStatus object| googletag function| openPopUp function| closePopUp object| js_game_confg object| gameCfg string| title string| httpUrl string| hostUrl string| channel_id string| host function| showAd function| clickIntercept string| is_rookie object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stairsgame.com
balsamgames.fun
game.rookiegames.fun
relaxgamescdn.com
s.dailyreadingnews.com
securepubads.g.doubleclick.net
142.250.186.130
163.181.92.229
188.114.96.3
188.114.97.3
2a02:26f0:3500:3::b818:4d3c
47.88.85.171
05e695e9d067b73c076daa055053c9ad5247f86e30a5d11fe576fa37423ad1c4
06045155ebe3a0a976a6edf9d08d55301041f024159f2eb995be022216a21d22
139443c9d22cdb9a852adf083181e565bfe1bc002dbe1c053a6ab53dd4ebac67
1a066a782212df63b1b23a6351e68dc08958c93bcd071480129d72167e66ffb5
201df368b8d97e519c4b5a06aa451d728d689cdba91ebde36422a444e78a3b2c
22f6c15050870b9a5fe25d434ada68218790b2e5cedfd90fae0e270a4d19bed9
23074cc2de46f5a20c074f40b082d4ad590de7c717336b3f2c4583b7750e6c27
259b80ab4e64ed40cb05c75a8ac556d3d06859165a298f70c16247ee370ffe45
2b3b7f52686a130742537b7968f6f2d3ebb1b9683aab76edfad7e65a9b3ca123
2de5bf4ca944e6afa3e53c22c5301d9a8a686df91054328fd0a8148e67d333e3
4c10553e17aea4baff30a11715624d2721c711294b85d5a46999ef623dd2c99c
5140db25afd93c3a3fcc2e9878309bd55399045069f25d6d698337afbef81d01
52a9a954bc1a5d2291d26abc90293ac86b9e97a8d85cb48f4935ca257ca6e453
54c1f22720da8fabafb5725f58f090846aa1a34dcc1325442e9799fb34d189ad
565a0ae3eb00724ae2b213f4a15b5bfae32e417a49a628227932e9d3e025c8b3
56eed42688868b91629802e3093a6d8f8313e40f504c1db8aafdf258edec8009
58523800a89d89ff7117ff87c70dcb6974495e401630bbc4803dea1b6127b5b2
592e81b6cea7d6e226497bfa57722b8ae306281cf092d243bc96f4688c1147c2
5a69bc69149ba79997cc39226645fc50799b48495c791601668a1f6664d8fea4
64747ea91bca99f338281893be79b2b52260a558369929df4e9126ebbf1ba877
659128ef9f4f5c40d00761f01fdbf9ca31744e2d09a37a0200556220de7ba9d9
65ae907fed4f5d45e1930f4d35efde1d9fea725d900482189722938b2c2e104a
7ac771730442ba364d3cd3af4f94195521a44cce68e32794c2464db272f4b8e2
7da6c6451df66012e898209a84777e9ef9903caca01499d8bead3265801ec407
8112ac4698641dfa9a37ba601ab8323c9b807252e524b2f5e5d3aa24670d26d2
871a26e696b4878e8d4160dcfaf8ce199bb4d1f237af207f1cdb0b309b02ca88
8a18b2d1e4f1b4c0163721486d60819bc1f5e60b387471839431544f2e98bf88
8a52a2fb51a813a676579bb911515b48a3cfc04a541c7c5ec2e26d1ed5490a51
8cd3d1f5770e437a14347ea07932a09f9f33ccb924579c7e5108fb213bfb6988
8ea7e0353259a8c7a20ae7f49ad58f7c045da2b91e7fc60ec462f521fcf60026
916ec7bb5618fac1e1f8e13dee2214f0e4f64f6cc59fd1d854c45d72c40cd832
9587b49ec921aac7dc8adb7f380abba874efcf8d3a7c507585a1201886962295
9b8cbc01f1655b17e3e22cf229781baf7b519d650cdb80ad4e171adb1613685c
a30159b5222d9eadd8e19cd319cbac54e35462f0886b714298ca310bf7711ebb
a70010b404d0c42439e86dcf39d18d46e9bce5ec84ebb943769f75d7f3684a65
b5d368fb07267f9865b0e45d78329e30f457d1a46f38d3c162832fd294bd33f1
c2b7e663465f1883339dc7c03ff4e572033faf6c4efd52f367a3076351633de1
c7a555237ed1b056eaf87a2b6b149e3e509ae9edbedb5b60d0ffd56c8ac07509
c8a862baad5b19dd4c26d3765f026ce10db48bcd368e30cb33a32c62d7b1abef
c945f0237a45393ae61863864911538b4f94c87d6d751b6281082f19ba8b091c
cece7454f836ecc803472bb24c9f0dcbaa3840970f573c281addf1082eef9fa7
d7d462c2900ebf8d1e6bfef6387d1d367c560febebc21fae3a0d5abff9d9ce90
dffd4760cb5e3959761d757811ba2afe436c990facc665412d944eb96fbceac9
e1db9e599dbf1f8d852128cce1958062ccdcde45dea9915da378550fae35f992
e1de5e57d1d00a073208fccf9ce093d94eed60c516b88d0acc557d76818b8d27
ef0f0cdee845f8a54609d899b279cd524ee8fafd5621241e43aee9f4c9acd284
f183146080901b251bd6b924636a4749e2f8a0cfcb483a80ee084c5f07dd44dd