Submitted URL: http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Effective URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Submission: On January 18 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3031::6815:5025, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.gem88.win. The Cisco Umbrella rank of the primary domain is 202230.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time ad.gem88.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
56 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
4 23.48.224.75 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
1 209.97.168.10 14061 (DIGITALOC...)
1 2400:6180:0:d... 14061 (DIGITALOC...)
5 23.48.224.144 20940 (AKAMAI-ASN1)
79 11
Apex Domain
Subdomains
Transfer
57 gem88.win
ad.gem88.win — Cisco Umbrella Rank: 202230
1 MB
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5963
api.livechatinc.com — Cisco Umbrella Rank: 5415
secure.livechatinc.com — Cisco Umbrella Rank: 6663
accounts.livechatinc.com — Cisco Umbrella Rank: 7278
337 KB
3 gstatic.com
fonts.gstatic.com
70 KB
2 storeip-shopify.com
api4.storeip-shopify.com — Cisco Umbrella Rank: 303905 Failed
api6.storeip-shopify.com — Cisco Umbrella Rank: 271266 Failed
521 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
288 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
159 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
57 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
0 gmwin.io Failed
gmwin.io Failed
79 9
Domain Requested by
57 ad.gem88.win 1 redirects ad.gem88.win
4 cdn.livechatinc.com ad.gem88.win
secure.livechatinc.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com ad.gem88.win
www.googletagmanager.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 api6.storeip-shopify.com ad.gem88.win
1 api4.storeip-shopify.com ad.gem88.win
1 connect.facebook.net ad.gem88.win
1 fonts.googleapis.com ad.gem88.win
0 gmwin.io Failed ad.gem88.win
79 13

This site contains links to these domains.

Domain
web.gem88.win
Subject | Issuer | Validity | Valid
gem88.win | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-28 - 2024-01-26 | 3 months
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-16 - 2024-08-15 | a year
*.storeip-shopify.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-02 - 2024-08-02 | a year

This page contains 2 frames:

Primary Page: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Frame ID: 4CEBD018C1ABEB528780D55931120535
Requests: 74 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: 7811F19AB055A6653568D442AEF77EBB
Requests: 5 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

79 Requests
96 % HTTPS
73 % IPv6
9 Domains
13 Subdomains
11 IPs
2 Countries
1903 kB Transfer
3635 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923 HTTP 301
    https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923 Page URL

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ad.gem88.win/
Redirect Chain
  • http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
  • https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
16 KB
4 KB
Document
General
Full URL
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
911b2a27d3669540b4ab50ee0f9608ff88c0469f9dd694b110efdbc1b81a2c5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8479adcee961db01-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 20:44:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHE0awDOwBFKNof6IjDQOQBb3Heo%2BEuqb%2FEaFwDWt1DwGt6%2FV1OLtgN36uCTX8rfyLAOeN8HJeJ6LSwGaIBnOfRyC4OViKutNyWOalCJfoGMqwTYqAKRQi0hQIMJjCLm7soV%2F8IRw0qApfw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18

Redirect headers

CF-RAY
8479adce1fbe259d-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 18 Jan 2024 20:44:57 GMT
Expires
Thu, 18 Jan 2024 21:44:57 GMT
Location
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6Re%2BYHRZbuN0%2FABOQh5PtWC%2BvuOXcrI6EzdMMAfUIWnRIMQA%2Fed62RkuBcrvePm%2BYwPT5RCKUWX3crkae%2F5diNORkZj%2BMAGQCCRyOJ9m7BIoiQPSEQepVTEfstRp38w2lJkoksO4fich8Q%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb18753865e24b64d4ffdc33cf87d83ef112d23fe18adafab4dc99939f6e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Jan 2024 20:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 20:44:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jan 2024 20:44:58 GMT
style.min.css
ad.gem88.win/build/
225 KB
40 KB
Stylesheet
General
Full URL
https://ad.gem88.win/build/style.min.css?v=1.0.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a5dabcd9588c0e8c628952107c2c0bd572087ee84a8ea75ffddcda87d063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 09:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ddc3f-383f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjGBaO9sx60%2FTLbmJIY9CkcHa3O%2BKaKzqBtU%2FVunrnMRn%2BE%2Fq4SF6slhndoQGy9gL5CIpxVZmC8%2BvfpyMquKZwjGUocvB%2FCMR47bjDY2ay8bzmqVbgwNI%2Fy4oej8C0f2tCV%2BBHSYCd2bj4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8479add20cc1db01-MIA
alt-svc
h3=":443"; ma=86400
apphd.min.js
ad.gem88.win/build/
85 KB
31 KB
Script
General
Full URL
https://ad.gem88.win/build/apphd.min.js?v=1.0.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-15544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nh10i62Y8zQzkTZUN%2Fx4%2BEy6FBbrQnTMK3G40J8HY972DWw9vrXaLnSlIE9VyhncArtV9rvG8hr3lSRGo2i5y4xvmq7DOxeFS6IzjTujOYNz5nRUJNmGrg4OWSzm4Udc2d3OguBbB3Mq3wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8479add20cc4db01-MIA
alt-svc
h3=":443"; ma=86400
thumb-header-lazy.png
ad.gem88.win/images/
199 B
587 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595eb22f555f9317ce271066d3536a64b5628d8d99c22e8844c48297b770fce4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APTFyqQCMEM8Kqxm15sMOvLa6acG7jLKwb3ZHEOzz56bdnoSlKooIgc4oUrC%2BnSYId6KvoJtfMFq1WJi5iKbX95y0AqiDHPpH7netDNFO0FCmut0And1zMEEgBe%2BCzDM8N59sxZrW38ElWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add20cc6db01-MIA
alt-svc
h3=":443"; ma=86400
content-length
199
thumb-header-mb-lazy.png
ad.gem88.win/images/
189 B
486 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1OkHisxjPItWgooSgV8wwz9UgwKXnmLgtABKe7x2jVnFf%2FOuWu6MkFaweYjjdrVt1qx6G9WGEsUOFWcQnzFgDBjjv9tC2ousb%2BY%2FIAoNZfnZO3CzrRRnlP0IYt7gZIsWZcFT%2F92jmiTyUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add20cc7db01-MIA
alt-svc
h3=":443"; ma=86400
content-length
189
jack-top-lazy.png
ad.gem88.win/images/
112 B
611 B
Image
General
Full URL
https://ad.gem88.win/images/jack-top-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e213916d9877bca7d7dae986f5f87c6fe7699316371c948913c216b93c41f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BCfPtUulgoF0zAmB9K9QDEXn5A1dSpXIYSfLIhtbFkHqogEt7lgNWR%2FA41%2F6w5numc4yWcSWlOSu%2Fx2j01Uqyfqlka5kQh8ZJe9u43JwIbThmLovRlCHjNsBFE295G5TF8lxY2p5QRUkNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add4fe1c0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
112
tab-lazy.png
ad.gem88.win/images/
110 B
575 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWzNGFTkbzWZikmbt1LwUK4uL5NQSyMUSdhVA3NbuP7kx8tdztYg%2B%2BaZmyWSWwNUl4fRVQRzPhDGfesWd%2Fs4wYUjaR8S2BOS2FfyvGTI5QoFm528QG4XPWzmL9CkRdo2u1vFw%2Blh65v5tvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add54ea60a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lgvsn4R7XCvHwl%2BZzXOpr4xgekojLoiq%2FoSQPzr6SxGa0xAEHRnNfaIvkGGl6kI4CPhD0JhT0SRNlME4H7RlvovI3%2FCKgcifwZNWFSTh%2FqovNCYf2I4xT%2FzMIjavVU4DQRsssgpgxt8AIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ec70a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-full-lazy.png
ad.gem88.win/images/
111 B
577 B
Image
General
Full URL
https://ad.gem88.win/images/tab-full-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1ffda33d81046bf53cb65a20acc3dd4249e3c0e4e14b0e39f85e04194e98a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHed%2BANULaC4M5amriOmfXLtBdpMPhRAYcpk5Pzzb9p%2Fdm1sCngPbYQUCrvZam3265RL%2Fgsnzm3%2BPuuBSfJQWy2LfZzbkTVFX0X7pS25cYZ%2BHunKIAPxQYkW4L56TQIYR7tiz%2Fej3clvRLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ecd0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
btn-lazy.png
ad.gem88.win/images/
116 B
580 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpvwe8TfRdU81qHAlM%2F82pXd2zA3rRqbFlV1wzmFbYggo0%2B%2FK%2FJlsbY4ubcDZriqxlMHGSTkx347roZSHKIXkbaO1OTmZU835z4e3kyheheJ3NxhpMILXykru9JGlVQ66dvrKBTh88XhQus%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ed00a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
569 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xigLb4JjjYnZxAKiFC2m35ltlRsOCoLEj3SvT2PUYGc0WrMOHQlil82fhLS97hGSXKEKSstpgMPMvt1LSS45jIWFAJc41AYyD8%2F1OjwwjZ1Ve6LxssreQBcZ3WPV632zRmcS3neudqLBwww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ed20a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
611 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyY1qlQgVu2FXAIs6YCIQmmhnNoPsIuBASSeOiY3rvTcqtNl3EZ%2Bwj9lGmnVcKNDnd%2BNwmdJ%2BHZczZxeOpZN86X8Eqqu00WnlS2MnNaYI0e7aVAqxGWZQxG%2BULXsjL%2BB30F8WL8WcQeFdts%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ed50a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
145
thumb-thank-lazy.png
ad.gem88.win/images/
256 B
720 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1zxzmFurSMPFUU2rHK3Po1iA%2FO3zhuhIP%2BNeOlRI2CYMBBkSFfGDZZA06HKZmPIIcLo4lPv7gEtwC3nsDzJGtjxmYjNb0mHVxALchFq2u5N8%2FbTfOJTo1KEw4XNFJ1IoS8HO5U8yQ1pD7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ed70a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
256
hoac-lazy.png
ad.gem88.win/images/
111 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/hoac-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECI1N5wKN2SiDke%2BGGr1l78W3prZe0Y7g28IyUxROd7GH3XNZqDW0o%2BVzO4M6Zk5avJp%2BSmWcuA7wTxZ1Y0ArdF55%2F8TaWmLIZsUhH5KeVzFM3lft%2BkydFzMpu1oj7jH0p3lSriyPD9Sdys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ed80a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
game-lazy.png
ad.gem88.win/images/
117 B
583 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh%2Bs5qZ4hPpkELWkUPAhffNMGHBUr%2FfyFZsmP91FWhHykqejVuthdJwk7alYqFzx7D8sQ0eVMzDFIQmO482sHJnXkoHvdiRH5uUiX19gDmffM6wU%2BtWdcqwMPXZRHRBv75O1Z%2FAq702RaK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55eda0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
117
thumb-adv2-lazy.png
ad.gem88.win/images/
121 B
580 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bDkV5fBhpIuwy9wMWXPsWn2el26f61r4Bo40Be3aYO%2BZPbAkxHDtg4LUdjrTHv34ZttjGwxbPpdxTMHmHNXuapNrDolN3HN7EqUwlA6AeAl2ZFCeug0DemDstBPodM8S3FyTts%2FOYBntnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55edb0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
121
loading-lazy.png
ad.gem88.win/images/
96 B
560 B
Image
General
Full URL
https://ad.gem88.win/images/loading-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jxhVjDu3Om3eHdz8Rt6ZFs2OAtXsJBZKysmBp%2BmzTF1NCqNuaxgOrAcWMFhnWY9cjUYHBNvd%2FQ4%2BZwcob6uLBw9lRYg2M4Po6M2XWBivagD%2Fs8nlsdgFZ9UdG6SqZwgrg9wJTzYxLKY8hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ede0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
96
app.min.js
ad.gem88.win/build/
276 KB
91 KB
Script
General
Full URL
https://ad.gem88.win/build/app.min.js?v=1.3.6
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707a7ed66ec0a3a3a48dd9875948c4660ece2725b6b6aa03b635b2d30060aa1f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-44fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6rZ9GDezx13GewLToI3sSoTWAIzH0nNloVXkSZUQP%2F4XFYsUgfwjyEGIFqDRaIg3yTqGswXJEirIgwDv6AEHYI6RhAfqLQ1oxh2Jc7x27X4aT9yqfhuei2R2017Jih26%2FCervqnpP0iB4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8479add55eca0a16-MIA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
184 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20ec31f21d2cbac58e7e6f6e40fdadf664a2c3b892b4698213687457fb8d0257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66651
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 19:52:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Jan 2024 20:44:59 GMT
bg.jpg
ad.gem88.win/images/
60 KB
61 KB
Image
General
Full URL
https://ad.gem88.win/images/bg.jpg?v=1.1
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc6YXlu4rwnARQXuLua3rZa%2Fdo8%2Bs3Uroa4ET1T82NjO5lLnoEQzQpokvIcU%2BPZFadqiFO5np1lpnzFwxIBtdF1G99cwsKLptFNqDKtdffNJ60tuo2lhOdOuoUNTbfR%2BfB62wpjwZdcbkPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ee10a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
61822
bg-jack.png
ad.gem88.win/images/
51 KB
51 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-jack.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762ead9dbd6081f969db272c17bb280daa359f45e2f82519531a2392ca4fcaf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-cb3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Bi3eyNM1dbs%2FvCQLCAndBUNTs8sVATPT44YRWuVa6UQfQmheDeXgTk66gt2NMJstFlvwKcsFtl4u4f7FYdJI%2FhobyYsxBIPtGRtOpLdfkCMW6K%2BOM8k3AnLar6EIshgIL5YjLZ1uEhBlk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ee20a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
52030
bg-form.png
ad.gem88.win/images/
29 KB
29 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-form.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-73f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOAuAXFL00R8R9IOPJZ6sje82MYJ6tW5M0XeNvS0CW%2BcJi7jZj50%2FNc1HLX3%2BaCSRy1lz7RQ4cMbm4t0A%2FEzcONHsrYmCAnuvi%2F2qi1694XAwqCM%2BQMDG9d19xI3SbGqa5BZn71%2FuclydYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add55ee40a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
29685
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 01:48:29 GMT
x-content-type-options
nosniff
age
68190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 01:48:29 GMT
js
www.googletagmanager.com/gtag/
287 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9e2239870527126a2d0e3913cc7e61f1e1e2ddf0ada4da600fd8c60f93428b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:44:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95913
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Jan 2024 20:44:59 GMT
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 18 Jan 2024 20:44:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57003
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
qS/CzETyMnfvgRfNYmdSDU+tpBjRyCs9ZxmcSyJ3H1GMTrZvknpkqPbBact5z3S6OA0WhjZ+/T9XqOOb+UXnTw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dfbfc9dc04b6b4455ab64b11510a6e1bc4e942827cca6848d6aab7c59cb8a03f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
4r6nHU81zTrRACGDywdZY8QpFKVe36vb
content-encoding
br
date
Thu, 18 Jan 2024 20:44:59 GMT
last-modified
Thu, 18 Jan 2024 12:13:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
etag
W/"cd051e509cdcfab77d1d9c4783aa5b1e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
5SVDl71MJkmeYNlvqBabygD-xw_A1pBbuVnxCjYaN8YC5tVwAT37yA==
content-length
27375
expires
Fri, 19 Jan 2024 04:44:59 GMT
collect
www.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41a0v9118954187z89118949234&_p=1705610699079&gcd=11l1l1l1l1&dma=0&cid=1527677585.1705610700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705610699&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1977923&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1888
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:44:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
api4.storeip-shopify.com/sw/
0
0

collect
api6.storeip-shopify.com/sw/
0
0

res
api4.storeip-shopify.com/ca/
57 B
283 B
XHR
General
Full URL
https://api4.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1977923
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.97.168.10 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cae5fb3cd0e270761ca6bc4e1706167b165ed124095a74573d5bc2f2f449df6e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 20:45:00 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
res
api6.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api6.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1977923
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2400:6180:0:d1::61a:e001 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 18 Jan 2024 20:45:00 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
collect
gmwin.io/sw/
0
0

get-rank.html
ad.gem88.win/
2 KB
855 B
XHR
General
Full URL
https://ad.gem88.win/get-rank.html?t=1705610699000
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
390ce98007919f2c965bbeca83ddaf8fb23fe662bca93006b5fc3dd7f1c20b78

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
52b5de4367d651c6563e4405a8e5dd49
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8eGlmhUkAAQIHasfAq%2BtymzGhfQ%2BUO5J%2F%2BzX3H1qOU%2FuVOUcYFiPimBubdoOnPm461%2Fu0vSERSi%2B%2FQquGWmnPYzqAXrsmKddQVUshsG43NTN4twY8tF%2BNTJhEA6Ri6liWoU4pU0HO27U1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8479add9adf30a16-MIA
alt-svc
h3=":443"; ma=86400
notifications.html
ad.gem88.win/
2 KB
826 B
XHR
General
Full URL
https://ad.gem88.win/notifications.html
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
fc4bb8ac313e71046cdd1825c199e757213f8bc16e9c012300b71ffa06a54fd8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
52b5de4367d651c6563e4405a8e5dd49
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlvOD85SHJeuuahyh8peWK563Y31lZEGzKhr2pXXm%2BscUX45oZsGp%2BgwzQGIz84usdVijhtMUCQAdn%2FiViRxDyH9jC4BmdX44%2FoNDfKqGlThrUrVNytmsQcIMGMmHIrXS7yr09YEl9qpV4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8479add9adf40a16-MIA
alt-svc
h3=":443"; ma=86400
thumb-header.webp
ad.gem88.win/images/
66 KB
67 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637bc10ddc6784ea531a496255c1d649b56800f5e26dcdc2f41c31c244353761

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-108d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klzWrXCBVb3TNbUnQ6V2YfmbltPQ%2Ba%2BWh0c2B0Aq%2BG5woGZOYVKcGEdRQ%2BltZlYIW8cFTq17c9PeegKUS7goml9RuG0YRuaxQ3AIZGFf%2BtwzAK7Q6lV%2FfZ%2FIlt3U%2BK1YYcrpFiREkRgOqAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be0a0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
67798
thumb-header-mb.webp
ad.gem88.win/images/
56 KB
57 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7dd29e741793552da6fd4cc98192ad6da8478aeaa0443e27f57f4e9481b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 09:37:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b93de-e102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmx5G3UYxGLsBRh8DglPSZiMd%2Fq21sl51YVfCZmphtMtYY20DOuowbFO6wBnVD3B9cEIPhG35nw%2Bu1i0J%2BNak1AOTUR5E8gp4ILQOmYpKStZ%2BnocG3tixLD%2B4aF8diFX5QMIGSWAChL2EAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be180a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
57602
jack-top.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/jack-top.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e991344277d2ed02609b431389e719a7133fc719ad8caf9e5b24740e8d694

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkykiXVgp9IhZWM2h6ehagE45%2Fv8ctgHPj1seZIDTH0ccgb3KjQRHv%2BFrZZmPa1Qb6dxjfo4mUZJAbkUEBapaj0Gd7PRm4wYnLuy6bieZ8N2Hh%2FqNalMH8xmFfFIsNbXaYTCvK0%2B1XYtzwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be1c0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
8449
tab-dangky.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3717be19007b1fd3ccc6c03c33d310ea8e7d3e4d51bc8ba27e617b5f5b477403

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-187a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS7sP4XdvPqyyTXY%2FU%2F6%2Bm0VUNXflfvvg%2BqRkOMC7aPt4oOs09HrSeK014apKsE%2Bn%2Fybwi2Hx%2BKA%2FHetzKHcpFWL5L%2FGCfNmjd15dWc%2Bzd0eqDQxkHYSKPC%2B2KlqFSoRMIXEa4QESBJdmGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be1e0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
6266
tab-dangky-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e20d0623dba65f3a7be919bd1b4213c5759ea7d362598e2fffcd03ecb72ade

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSDGmn%2BRIsSgiQ3BlTYKmkSQaZ746%2F8iOrYkWUpHvKYyAi5s5J94a4%2B%2FzJANK%2FwpmF%2F%2F2U4m04Kb9ijaRH3hYpyiNXPtcamwtPr4PJvZOL%2BS5OTcu%2BmI0A%2F75FHtGxI%2BTRWq261hL14i4H8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be1f0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
7824
tab-dangky-full.png
ad.gem88.win/images/
10 KB
10 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-full.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KaV0poXYRvNk1whM1GxjR7GqNiFKoSLuZu7lUNavwLsU6OvxUkyaRznvOw73Zm25T7age1BgFXZrO%2BFNJgXJKYaxhQlOQU0XYiN8gFtQRzNyutgjGE9%2BXbyQOV2O7Y83xRr%2B2%2BzXFI3BKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be220a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
10019
tab-dangnhap.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82b32ea4fcf428a441750c401b3a4752f501995403538889c6d697db4e265e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcKkMEeePaatMxoFskv1CdosmUJfT%2FYY1drzsQbNTOhUHkLeBck2PVxzfAs%2BhgJzZ7c3W%2FOXWQSndrp3eC5m1ret4NJPGlSlcIRrXEnu26KDiazgiPzyM1iuB8qcXQwXU3ClKzJ8Nt8TTGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be230a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
6471
tab-dangnhap-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD%2Fd74lA5rA56id5mrjnX6dyle7jRRf4rNN%2Fm7Ne2bhpOW8LSQJn9YmqnVacF1wQHfpXG3g%2B6RtKf6QnPblYdJQQCzTaFU7wBQuMn%2Fr7c79FmpiBq6fqNBLTHe6ZcqmnZdvJkFD43Qcx53s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be240a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
8117
tab-choinhanhweb.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-choinhanhweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-20e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4O4yIG8R%2FGwoEgsx1C38bg9Qn4Zfdh45G19q4WtglR91iqWQ9r7mU5D1H2jFWyhBX60e7oS0agsrfahLzW7s2z7XVL9gJivtCBOyZ1CLreAyhfvtbP3Cutat7Dm4Q0nxP1jaOFf4OZR1JY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be260a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
8425
btn-dangky.png
ad.gem88.win/images/
24 KB
25 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-61c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK8ZXWpOXIY4VM9NgLtvDZLLGH%2BKi6HOGUF4eGh0vwoTPjEK8SZAQIqH38eY6ZoeGpWIBH%2F21OiebOBViIuUMybjLiDrkntvg6Jxv%2Fog21hpaaQVbInxXBzIYG4P1X7POAiZ5YAXnrpPxiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be270a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
25026
btn-dangnhap.png
ad.gem88.win/images/
22 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64ee60a979a9056c04de2092ff68c0744e24029d7add30fc6c7342d3e47fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-599c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcZWb16QDxW4gSsS4cPgkJsG6rhDSZeXz8QOii3eXdJMtvFWn4G1Gu%2FxGChxOJvXPNWrfJgnxPI1m8gvj3n0hT8JnrD2VvA5vm9wf4vB%2BD7%2BVg5miikTM%2BwaaBzjrv2RdgHSJzgBIfWmj%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be290a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
22940
dacotaikhoan-v2.png
ad.gem88.win/images/
5 KB
6 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-v2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334fc4f83d8709a632ab9fd8d22c4e2868b30534f58d11f8a029456666dcc71

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-157b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHaRtnkC69u4PgHWmV0F3DqR6apiwJKTJsYZkfqUFQ6%2FrRv%2BzpMPrK9prummxkkMAB20JOYUhgslyb67oEJf2iCA3IUDcBKPZA7L4RAEr6mkIGRxwSeLuHTb5jQOjH%2FnQaFYKl4ILm9KmtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be2b0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
5499
btn-playweb.png
ad.gem88.win/images/
62 KB
62 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-playweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALEiXG%2BDV7Vg20otZIkSJ5s5yzKz1bffwHuAGtyyPY%2FWY7sFHg%2B6345yEo0VmlOk4VHXktaIFKO5TIsPBrFbppLK6WYdpqkgU%2B8Vwn9M%2BrhNO%2Fx9tT4u79KNaFfuPgIZ0UIXXLXaUvBFlGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be2e0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
63131
thumb-thank.png
ad.gem88.win/images/
225 KB
225 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d6b9b0ae9bc6c9c0059e96e8d679b82a868c59ec1e9bee350bc6e2edf2186

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-38349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPM5syD8ZPytLAU8leuTCrR2reFomHTjtf7breCQijzKCJh3rk9MO0W4rm020z%2B7UaOnZbH3x24j2HQU1Yv2mEuQhkul%2Bnw4ajmcUolGIx1LaX3ZLgtqp91J%2BpPqpDpc13CokW9lljKkilQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be2f0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
230217
dacotaikhoan.png
ad.gem88.win/images/
11 KB
12 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5da9fa4f696362b6832648e51af1420004535e4e8267bf0dbbf289dbb51669

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-2d24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDleY51ZXc7Dm4RZfEvlyf1slBjcZnmExgxA%2B5mUYrxxik0h%2FsiJ8Qx6tPS6mctGrchxG0AcGMpoxsEohHBFfa%2BU5%2B5qF3MI1lECXMN5uAKLIlCVhAO0P5t5lqOU9fjIa0VWtJ97pNL7QyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be310a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
11556
btn-ios.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-ios.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6zKZYhdWpZu7TFpiNURtcHumzJOGNPCTeKM4CIc1tMGcxyTMFzdXH%2BjCggNvafkbPCWkpz4Iz2JizP2RUH6mySCEYLEzy0eIwLrTttld626U3JN3br5kwXlmrTskRsrfx%2FNwveeF2qdS6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be320a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
114734
btn-android.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-android.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1cwTbN8fggk48fQ1f9iEl%2F2tP52IikdA92rqubO1piW9cceSh7DLzfGP2Um3H1FGJ7aronC4%2Fr8h1KmVu6v%2FiQKqgOZp4ltZXLN7CKqtRuDURErbE42vWKYBOpbiurx4YLx%2F647hxzLq%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be330a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
115144
hoac.png
ad.gem88.win/images/
4 KB
4 KB
Image
General
Full URL
https://ad.gem88.win/images/hoac.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-fd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55UI84h7JR1pyWtp3Daccs%2BJ%2F5BWQGaL6%2FyXIcJrsgl2gIHPlkcZJxNNYJcL5%2Fm83jvkpYTjG1SVTtUOEEIshk1TQBNZGv3wuUgoAfI0IVLGOlG%2F4x2dyblj%2FMZReIm8IcAHqwkrX0xYdWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be340a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
4056
game1.png
ad.gem88.win/images/
35 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game1.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc27df30f2056611a375e141bbd6ed4de7f7574a0acc2f265cd52fa8a7d72e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBauJ9WjDmF3K66IfbPbIg%2FMHMckTyzoGVzzE%2B%2ByhWBWghmDTo5QVWfxwPbCCsuwRHBFw1LtJaPB8OWKrpJ4PJ%2BdWlypjw4LxmWgVI7MFg03PK1nJE9AVek7eGzaHC3vuwUpznonCqt40j4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be350a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
35526
game2.png
ad.gem88.win/images/
33 KB
33 KB
Image
General
Full URL
https://ad.gem88.win/images/game2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-83a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxIRmlZRZKfVTRj%2FmWqIjbm%2FGFPCpT5HDJmXpndCnbze4%2BAQOQq4GmwP3Ggn3N%2Fz3Qq7lA0fRAGvifePCLXmE%2BSUMDin4M8aI%2BcAPLnD%2F5l2%2BC8gEk9qQ6KlmFpK%2FvnIpfk4NUKPNncZcNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be360a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
33705
game3.png
ad.gem88.win/images/
34 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game3.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a914ae4cdbc9c034bb19398eee3bff1effe990f4f934cd704842fd4b79ab01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9DtPsV6oWpvN6NOgf%2BdHhyR6dIQsyNRFYwUu0QA9R6jmcy7uT7t%2Fz508T7Mftp5KFGej%2BUPocAO3dHIVwHoJFVUHPgBqQF7RH03UyfeAgTPFzqCn4IEr6TPN4ZG3WaPvOMmrTuJZ2t4Fnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be370a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
34968
game4.png
ad.gem88.win/images/
23 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/game4.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-5a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA5lgPqUj6VsbArlR%2BQJzRRMPV9v%2F1QMe9JDDkA6D0D1syc0sMQmHThjZqa4snG3d07IPCodDg6oxw7ektaI%2FXi2sqvpl2d4eO8bM8qXwEZTV2nXqzdjmXiAaSNR48QT1A%2B2G2e9YXyRIfo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be380a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
23180
thumb-adv2.png
ad.gem88.win/images/
36 KB
36 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoRT7o0fDuWWLrjbBVFJ8dYgLEIXfK6zddniQ9PbT29QfR1eDCRcj87hkglm56UY1aQXWvW3sBK5swHgEGVtQnjf9I4mEuxI1sI2Nq0sabK%2Fv1QJGVh2Zp%2Bxdd4zHFdejXImVvTCzWSgSBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be3a0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
36589
loading.gif
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/loading.gif?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vql5sC5gyC5mvesBkFAOoYa21bNvGVyeuHefAAWK%2BrLKiUPopuh1SE3Nw8irHxZrr4SdOml1eijP28%2FAQNNVuw0iHaCcplVZxV74UeyC%2Bc1UEvoBW4WPCVoE0lcZMn37UK3%2B7z9tz18qUvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be3b0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
1635
icon-user.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-user.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25adcb5829f4e373982ac7be939819c77761f28132c5728725638d766d49b06b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59kGI7E%2BKtN2EO4Q0I1KvmGJHYzX3PIoAs2MmpYkXU4XoKGe3dQLUPScag2URE6G3yRHvITiyaVYb4ypTIKXpgILMCZvuNfUtGwufXloW5zRt4uG6uIiYWiB8AUXLEs%2BmHGRWqlAl%2FllXm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be3c0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
1924
bg-input.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-input.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7d1a33f8a26fadb03580db340f76f5fed5e5b765d0563048687638f7a0269b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WeV0cMRBkUWKdCt7nANVdJgNN6TRjzGSsgT3tsRq4m%2BR80HGvaLduB0i5yOR%2FBWE0yMJmcmvORLOZPvKSRmpjJxIr8Rzi9kvIPQgyi3fRM4446r67aLUcw6JYN8rERyX7tkNptwCIS8Vis%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be3d0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
2885
icon-lock.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-lock.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41841244ce6ed4f465cfb868c420edeb0f64c532c5a31329bcdacf8c7841d852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8W0Rl8zvPKVW%2BfpgtHGk7DNUZtVrrsJGQm%2B4bmMxKjpvSTP4%2BzR4GgHVc%2FM5hGJT8AS%2BPQd16PBB1EIf%2F6hkbP7W9guqgj3kfGsiNA5JZOAbB2iFIWyxyMAGSEJOY2TU4F7cl0DaEO0Shs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be3f0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
1747
fa-regular-400.woff2
ad.gem88.win/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ad.gem88.win/webfonts/fa-regular-400.woff2
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWpfPY6L0M0t9uk5HBkLixIfUCbXeoEsqhQTaBOK%2BXSuBCMX9XEavyRFU39AY%2BDGbOdUp1lCgJPw98W%2BCYiULB8Jdd44MKylKNm7ng3Hivg0NJgy4y9BGPAzypnzKYl4fnLvc2Ht4ygJj28%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479add9be410a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
13580
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:09:39 GMT
x-content-type-options
nosniff
age
178520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 19:09:39 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 11:06:33 GMT
x-content-type-options
nosniff
age
34706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 11:06:33 GMT
icon-jacktop1.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop1.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed0f9e2fc88385306cc4d2aa8bcd1fc329e7354a29a265809094ba409045ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iblJBWPUsdyDqsVF0JJ4LX5u9U5b6nDJRkb5OLSvkpTawZpxuqVupabyB3QQcCNW%2F4b%2FiTFhkLoCsZ4Ra1HZaab7ymeAU4%2BWWtl%2FPVKNau230SLftVF%2FimC5%2FRkq8Jb9gYfGfVj3%2Bs3bjWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479addba9680a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
2929
icon-jacktop2.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop2.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgyX%2BPR%2BVWdXOx11Arg7k7xMV0z9wZVE39N%2B4yCl8Pv28j2cH6pKbvqCQepx99UJlK38K5ZYqgRONDZ3wShGE8O%2BlGGcKeXH2y5%2BUQbzSLp%2FgACb1ZkGya4kgLwMKMqogc0i%2F%2BhFlj1fRrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479addba96a0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
2384
icon-jacktop3.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop3.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-874"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHt8Wz6j1C8c40HNHvxDvbj58JMUniQt00oMizmak1E8fVprj4iARWxZ7imwtqTb7innai6dSZx%2Fs3pvQGqimCdLzBwb8OJAihNZJsH3v03Pc5ClV1yuWUqAqjB2O2zV9N75br5cypi3PGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479addba96c0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
2164
icon-jacktop4.png
ad.gem88.win/images/
1 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop4.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647be14a6401e00f3d516ae4415fcd53940ce6602d4efa9594a3572e949e6a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOiQBoq1V8nz0d7RcF87ihrHXya6GneCS8KN8nz9OFB3DKgpGy5brjUFf3iNfnCpYVBzxCNiwcXykmyMRvAmoznIvBK%2B1NVhPLsoGNWdph3ZS7ieC%2FOY3HmodCkWh51JDfp5eIxHrR8wZug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479addba96e0a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
1534
icon-jacktop5.png
ad.gem88.win/images/
934 B
1 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop5.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b373301556d58c2ea00c4b5a45e65f61859ee5f4f812e4708b74c41af1d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b60L2v%2ByrspiXGXpio%2BivWA8DPlxuitVbB8txB%2FaW2hnTxfWwuqEU%2FICnL0LL8cURj6YYXfmIs%2BRsyI%2BTBzGV8YT9SkA9TqVkQFwVRuDinhFtiPXN5hCKvxLu0T73fOqgCNiR0SkoZtKQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8479addba9720a16-MIA
alt-svc
h3=":443"; ma=86400
content-length
934
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
402 B
551 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16649625&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1977923&channel_type=code&jsonp=__kk7gk3ndf9p
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.144 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fede407b794ed484b1109bf4618ed27648408d8a17b175a59e243a5c8819fe34
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
frame-ancestors ;
date
Thu, 18 Jan 2024 20:45:00 GMT
content-length
402
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=108.0.2.50.156.93.2.3.4.26.3.4.1056&group_id=1&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.144 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30125e3c72c23b56d3b4c74bd29c2ce9947e5cdd286dc442b01e145fabbe48b2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1721
expires
Thu, 18 Jan 2024 20:55:00 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 7811
9 KB
3 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.144 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e4d53996a61b89653d8ac4e392e4221af3c21139ff9babfee23db2033876f67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
2615
content-type
text/html; charset=utf-8
date
Thu, 18 Jan 2024 20:45:01 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=075b79d72a19c7c515c01775c17428ae_280255cebfb378fb1b940cc57366633a&language=vi&group_id=1&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.144 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fe76e9a86514a99ecd09e63a268f5c7492efea04cbefdd611d3e737ef5c9d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:45:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
4673
expires
Thu, 18 Jan 2024 20:55:00 GMT
0.3c281e77.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7811
46 KB
15 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.3c281e77.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6b1882751538bb6b1f01255645871ebd2a04fc619f45be11d6e16579c58f3a8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
s7JOmISLwwgpEGiaMl95Z3wzNjv8vXC8
content-encoding
br
date
Thu, 18 Jan 2024 20:45:01 GMT
last-modified
Fri, 12 Jan 2024 09:52:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"502a11f37bddde8d4dc417fdb3443809"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
v_FMzHx__w8uunpibaLX21_WRx_QyvvgAH3ZTamAzspa5qX5bEfJ5w==
content-length
14898
expires
Fri, 17 Jan 2025 20:45:01 GMT
1.c5733af0.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7811
209 KB
65 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/1.c5733af0.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3e87b498af31b3820c0417ffe42e44d18d30319d22f9ff0b75b97b3efb96e89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
j43VEgBEM.sbXBnegw.xhJBy9_6kCrLW
content-encoding
br
date
Thu, 18 Jan 2024 20:45:01 GMT
last-modified
Fri, 12 Jan 2024 09:52:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"4e97b2e808b7892b134b18c7e0f914f7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
a9bVnKukNXPg8b3vieS_DhPkAqDSN_PfW0ZfbvakW5Eq4yIAPAUsiQ==
content-length
66229
expires
Fri, 17 Jan 2025 20:45:01 GMT
iframe.b174d25c.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 7811
808 KB
219 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.b174d25c.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1030fc8c187db2358c31d88b0ea4489e0f9398f0deda375d9545e11d90934fd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
mmcQTPjpY_bzGm0spw27nqD2tBHpBh40
content-encoding
br
date
Thu, 18 Jan 2024 20:45:01 GMT
last-modified
Thu, 18 Jan 2024 12:13:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"638b31d408a172d71d52599872c55cc3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
4KoNaYSVga2zSHSHnE1Z-DBhnvnp0zgQCbWZmuJWg80bPBVhcbXm8g==
content-length
223672
expires
Fri, 17 Jan 2025 20:45:01 GMT
token
accounts.livechatinc.com/v2/customer/ Frame 7811
195 B
1 KB
XHR
General
Full URL
https://accounts.livechatinc.com/v2/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.c5733af0.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.144 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e77be4af9400d071dc24c44aba2856540231d05208a94ef3ffcfee0a6a91cdd0

Request headers

Referer
https://secure.livechatinc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:45:01 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
195
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41a0v9118954187&_p=1705610699079&gcd=11l1l1l1l1&dma=0&cid=1527677585.1705610700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705610699&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1977923&dt=&en=scroll&epn.percent_scrolled=90&_et=30&tfd=6922
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:45:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api4.storeip-shopify.com
URL
https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
api6.storeip-shopify.com
URL
https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
gmwin.io
URL
https://gmwin.io/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e

Verdicts & Comments

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| dataLayer boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction boolean| isRegis string| v object| google_tag_manager object| google_tag_data string| myDomainPV string| idPixelPV string| srcPV function| fbq function| _fbq object| iv object| key object| conf string| affId string| userAgent object| urlParams boolean| openCHplay boolean| ipv4Res boolean| ipv6Res string| query_string function| checkResp function| logIps function| parseUTM string| app_id object| session function| onRegFrmSubmit function| onLoginFrmSubmit function| onLogin function| onRegister boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill object| idgame object| totaljackpot number| total object| namegames function| lazyLoading function| onPlayWeb boolean| jackpotRunning function| onJackpot number| notificationTimer boolean| notificationInit boolean| notificationCall boolean| notificationRunning function| onNotifications function| showInfo function| setEncrypt function| onDownloadAndroid function| onDownloadIos function| setCookiesTracking boolean| ipv4 boolean| ipv6 object| LC_API number| t function| getIP object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| __lc function| onYouTubeIframeAPIReady object| gaGlobal object| notijackpot boolean| __lc_inited

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 56169620-6e37-4d65-b736-d10c8ca29eff
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 9b255d56b53991431ace7862830a05cf8709139e9c5503db44fb2014a29914550efc65f7882416044c9674726e79f7de2a1966dadead584f736da72bdb67
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 56169620-6e37-4d65-b736-d10c8ca29eff
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 9b255d56b53991431ace7862830a05cf8709139e9c5503db44fb2014a29914550efc65f7882416044c9674726e79f7de2a1966dadead584f736da72bdb67
.gem88.win/ Name: _ga
Value: GA1.1.1527677585.1705610700
.gem88.win/ Name: _ga_R9056WVBMG
Value: GS1.1.1705610699.1.0.1705610699.0.0.0
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1705610731&tag=f6401bd21d92e6369b84cadcb255a25c903f78bf

6 Console Messages

Source Level URL
Text
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Message:
Access to XMLHttpRequest at 'https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1977923
Message:
Access to XMLHttpRequest at 'https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.livechatinc.com/widget/static/js/iframe.b174d25c.chunk.js(Line 1)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
