172.104.41.68 Open in urlscan Pro
172.104.41.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://172.104.41.68/register?ref=dutafilm
Effective URL:
https://172.104.41.68/home?register&ref=dutafilm
Submission: On March 08 via manual (March 8th 2022, 2:35:55 pm UTC) from RO — Scanned from DE

Summary HTTP 115 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 115 HTTP transactions. The main IP is 172.104.41.68, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is 172.104.41.68.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 30th 2021. Valid for: a year.

This is the only time 172.104.41.68 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	172.104.41.68 172.104.41.68	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	51.210.32.132 51.210.32.132	16276 (OVH) (OVH)
19	2606:4700:20:... 2606:4700:20::681a:f27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2606:4700:303... 2606:4700:3036::ac43:a29f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:471e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	213.187.229.56 213.187.229.56	43937 (PTNET) (PTNET)
13	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4761	13335 (CLOUDFLAR...) (CLOUDFLARENET)
115	14

14 172.104.41.68 (Singapore, Singapore) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1621-68.members.linode.com

172.104.41.68	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::681a:f27 (United States)

ASN13335 (CLOUDFLARENET, US)

api2-hy8.tr8ngames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:3036::ac43:a29f (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:471e (United States)

ASN13335 (CLOUDFLARENET, US)

img.kotakputih.casa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.187.229.56 (Canada)

ASN43937 (PTNET, EE)

tickers.playtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4761 (United States)

ASN13335 (CLOUDFLARENET, US)

tawk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 157866	3 MB
28	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8399 va.tawk.to — Cisco Umbrella Rank: 8094	230 KB
19	tr8ngames.com api2-hy8.tr8ngames.com	3 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	gstatic.com fonts.gstatic.com	47 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 13299	38 KB
1	tawk.link tawk.link — Cisco Umbrella Rank: 35004	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	39 KB
1	playtech.com tickers.playtech.com — Cisco Umbrella Rank: 139032	8 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	345 B
1	kotakputih.casa img.kotakputih.casa — Cisco Umbrella Rank: 623954	192 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	64 KB
115	12

	Domain	Requested by
42	nx-cdn.trgwl.com	172.104.41.68
23	embed.tawk.to	172.104.41.68 embed.tawk.to
19	api2-hy8.tr8ngames.com	172.104.41.68
5	va.tawk.to	embed.tawk.to
3	fonts.googleapis.com	embed.tawk.to
2	fonts.gstatic.com	fonts.googleapis.com
2	i.ibb.co	172.104.41.68
1	tawk.link
1	cdn.jsdelivr.net	embed.tawk.to
1	tickers.playtech.com	172.104.41.68
1	www.google-analytics.com	www.googletagmanager.com
1	img.kotakputih.casa	172.104.41.68
1	www.googletagmanager.com	172.104.41.68
115	13

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.instagram.com
apk-depot.s3.ap-northeast-1.amazonaws.com
www.bearflagmuseum.org
nexusengine.com

Subject Issuer	Validity	Valid
juara.cc Sectigo RSA Domain Validation Secure Server CA	`2021-09-30` - `2022-09-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
ibb.co R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
*.trgwl.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.playtech.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-01` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://172.104.41.68/home?register&ref=dutafilm
Frame ID: 0B41248CD03D9504589D5B3708AD242C
Requests: 99 HTTP requests in this frame

Frame: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Frame ID: 7AF1608837B556A32E154C99412B1CB8
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6225a12c754/css/min-widget.css
Frame ID: 0F03F6A07EABFE6F81C0EF3CC99A37AE
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6225a12c754/css/message-preview.css
Frame ID: C1EDCE94E5BEDF3A40283F099FE038D7
Requests: 5 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6225a12c754/css/max-widget.css
Frame ID: 2A3FB582CE525D7AD0CDB40450DE00AF
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6225a12c754/css/bubble-widget.css
Frame ID: A456025CC40DB12414CC6C544AC11897
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1 pesan baru

Page URL History Show full URLs

https://172.104.41.68/register?ref=dutafilm HTTP 302
https://172.104.41.68/home?register&ref=dutafilm Page URL

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

100 %
HTTPS

79 %
IPv6

12
Domains

13
Subdomains

14
IPs

5
Countries

6841 kB
Transfer

8316 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=+6285781688834

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heyslot88

Search URL Search Domain Scan URL

URL: https://apk-depot.s3.ap-northeast-1.amazonaws.com/hy8.apk

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6285781688834
Title: +6285781688834

Search URL Search Domain Scan URL

URL: https://www.bearflagmuseum.org/
Title: judi slot online

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heyslot88/

Search URL Search Domain Scan URL

URL: https://nexusengine.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://172.104.41.68/register?ref=dutafilm HTTP 302
https://172.104.41.68/home?register&ref=dutafilm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request home Show response
172.104.41.68/
Redirect Chain

https://172.104.41.68/register?ref=dutafilm
https://172.104.41.68/home?register&ref=dutafilm

197 KB
26 KB

571ms
571ms

Document
text/html

172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

414d328252c645d965da0dfb669ce2508572997718207bac420a080588eb7466

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 08 Mar 2022 14:35:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, s-maxage=0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHX3PTJcMtA4y%2B8Gbjs6tsY2fJMKyFDH5bnztGGxNfEcsSRYwQLpx0Ocs15P9clx2tUMvAOkXdFxEJolYpDMSTsVNi23MJsKSM5K5xhga7VybwoiboHv%2FK%2BS2Mb9UoKlm5QMz2Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 6e8c4ca20a97016a-SIN
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 08 Mar 2022 14:35:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, s-maxage=0
Location: /home?register&ref=dutafilm
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YPyFh5yf0XEgHYLiG3Z0gkVZa7%2FJNofa4PlBh62dJA357tyfuGlWo7fbjAdmO5EbrwsILzKfG%2Fk3yYL4grKGpj0dIRZwAyh1isbiAluFuxrN7WskYS9tHTcn%2B5hQ3NEd4mTbYk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 6e8c4c9fda2c87e9-SIN

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
172.104.41.68/fonts/ 16 KB
18 KB 276ms
275ms Font
font/x-woff 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/fonts/glyphicons-halflings-regular.woff

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.41.68/home?register&ref=dutafilm
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvJLBeYvE7xCZXr6JRDo%2BkC6YzrSmq41itwmiTEXkW%2FKZ7CbIGIpClOCwr6JONb%2BI%2BMFnU8KqLJKL8gCXvAd9dM5ri1fs91n%2B0S8SaLJ8LWZUZUaJLT57E5%2FJB%2FGFowaA8D%2FAMNMWGX%2BHWJBdnzcYvc%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 07 Feb 2022 22:53:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"05af495751cd81:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: font/x-woff
Cache-Control: max-age=31536000
CF-RAY: 6e8c4ca5baba87c6-SIN

GET
H/1.1 200
OK Lato-Regular.woff2
172.104.41.68/fonts/ 178 KB
180 KB 834ms
484ms Font
application/font-woff2 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/fonts/Lato-Regular.woff2

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.41.68/home?register&ref=dutafilm
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 182708
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 07 Feb 2022 22:53:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "05af495751cd81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7X%2BJfOrZMbA%2FMnc7dyOcpAYo2qU9gHV9NaUxtrVdXkyks4U1xhMcs7q8TX226b8voy9p0fB9Yf%2FnekTSdyb8xtu8qFvOWoAOEvROvhZp7n9tJhfeQtGUjuWIDO7hJ7%2B8%2FJaOcjXPKL0uO2bSTNpAgM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6e8c4ca7eb27484c-SIN

GET
H/1.1 200
OK lato-bold.woff2
172.104.41.68/fonts/ 24 KB
26 KB 805ms
454ms Font
application/font-woff2 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/fonts/lato-bold.woff2

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.41.68/home?register&ref=dutafilm
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 24388
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 07 Feb 2022 22:53:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "05af495751cd81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBgFrVDuYjRYb3bBciLwFUYUcWfXruMqb343YbhHupTp9OybM1YsQfNjbd%2F2b3LTueBV%2F6rbw0SYaAnALd3OyOIF8Q%2FKcXxqoc5DP2x2IQ0MsDkqJohjWVeGZOV%2B672%2BzPon4c8ohgGU4gmFWSSHuws%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6e8c4ca7ea54879f-SIN

GET
H/1.1 200
OK Open24DisplaySt.woff2
172.104.41.68/fonts/ 6 KB
8 KB 658ms
308ms Font
application/font-woff2 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/fonts/Open24DisplaySt.woff2

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.41.68/home?register&ref=dutafilm
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 6100
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 07 Feb 2022 22:53:56 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "05af495751cd81:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOpd3IcQ2aZhixHGFs1%2BLlZgExplwmLACMMSaX4Z4KIQQpK%2B8gN3y8b9bhdu1PQXaCGBPyLNECbx8J%2FSA7iEfv78eZ9nQDyzNZTmtMYEm8Mv2exTW7WkjJezVvP45debOZNZzgc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6e8c4ca7d947471b-SIN

GET
H/1.1 200
OK nexus-beta-desktop-css
172.104.41.68/Content/ 165 KB
44 KB 561ms
285ms Stylesheet
text/css 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

3822d4f71c4276578e48d5325bdb5e0b2956155f26a01d8a470d422089cf23f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 43293
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 08 Mar 2022 14:35:47 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FaGGSAnvvTaj5Ttg8djf8VEf58CFHXRUsPtKLyX6e9gFhb9tlUcdwvLa80GCbbIsWzbKjx2HhNcPoE0r5D0Xl24%2BfOh1f10cO%2F2kmwwIlw4qCbPjRn%2BRJ9oVsOL1GpM90rJtfc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6e8c4ca77910883a-SIN
Expires: Wed, 08 Mar 2023 14:35:47 GMT

GET
H/1.1 200
OK nexus-beta-desktop-css
172.104.41.68/Content/Home/ 5 KB
3 KB 593ms
261ms Stylesheet
text/css 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

e846fb2ccbbcbfaf3548535474955706f7b6dba9dc117029a6a578eeebcd3c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 1606
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 08 Mar 2022 14:35:47 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ouu%2FDDLGcr79Nl0wrpVoI%2BF6bsmdk91TDN8bVJMD0elVlzJWzDwuX1WT8MCcCCx7TRBL14tORNdzoLdpD4bYb3A4OBioBI6myHFX3RBCQZGbfezXwH9Rjmh5JDxpOWDQrV1BCVotzw4GiwQ%2FEtC2Jg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6e8c4ca7bd79cbdc-SIN
Expires: Wed, 08 Mar 2023 14:35:47 GMT

GET
H/1.1 200
OK nexus-beta-desktop-dark-gold-css
172.104.41.68/Content/Theme/ 19 KB
7 KB 596ms
264ms Stylesheet
text/css 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/Content/Theme/nexus-beta-desktop-dark-gold-css?v=phpzhwfSJf9XBglWomvJVs5DLCW2XA9iOm4LV3pnH8A1

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

424ebfdc53333821484efe2dd2e4299e8079cc3164dcd47691f094c790200fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 5305
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 08 Mar 2022 14:35:47 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN6WdLIPYTsHb0ybjrSTn3rayKQxx67sxJ9jBXJhtrHPcpUdyizdVf%2FYxcT4EwstJj5wLC9erpoPIk%2FUtMGTu1mdQknb6gYRfILDHY3jHNvLOAdIkGUcbd9qJ8fbN%2BElndmEjxw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6e8c4ca7bd7b6bf4-SIN
Expires: Wed, 08 Mar 2023 14:35:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
64 KB 82ms
43ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y115330H68

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09dbcb3cddf388ce3e4a0edc608e2ceff3256cefbb0567503b8326c6fe7a09a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64546
x-xss-protection: 0
expires: Tue, 08 Mar 2022 14:35:48 GMT

GET
H2 200 logowhatsapp.png
i.ibb.co/2dX1f02/ 32 KB
32 KB 74ms
25ms Image
image/png 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/2dX1f02/logowhatsapp.png
Requested by: Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 34984ad00abb1b783d6785ea2806cbac007736446357c28fe4a7574cdd60e195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
last-modified: Tue, 17 Aug 2021 15:25:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32280
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ig.png
i.ibb.co/X5mdZVq/ 6 KB
6 KB 74ms
25ms Image
image/png 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/X5mdZVq/ig.png
Requested by: Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: af2c26292bb75dbaf9a8e5ff20f7564aa3c0822edbc65b3f887a51e6306f7e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
last-modified: Mon, 06 Dec 2021 12:34:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6088
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_03466087-a4b6-49ad-a901-ea761c4cac72_1646520460187.png
api2-hy8.tr8ngames.com/images/ 20 KB
21 KB 905ms
829ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/logo_03466087-a4b6-49ad-a901-ea761c4cac72_1646520460187.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac2b83e9b5ca55fa13ba2687ca9d50f5608a0d939acb25454962dd7ad5317d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 20504
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Mar 2022 22:50:36 GMT
server: cloudflare
etag: "3218d96de330d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjhQ3i8ryaSwyo1uEKg0apcf4bI%2BtPsamb5cYnU9hAiC8ycH%2FQoph6YK3%2BH0GQz8r%2BCZzR96lyvCxODndBO%2FPwoxZmHDw7QBMg%2Fjn47OwRcGN6sCRNHICfUmFEo5zw1GJ4J%2B8%2FL%2BXXVnXDRH9MI3%2Fj%2BsBPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa7eca9001-FRA

GET
H2 200 id_cbd_73c0f9b3-83cb-4573-9839-fcc7d3d3f80a_1634211332560.jpg
api2-hy8.tr8ngames.com/images/ 259 KB
260 KB 900ms
824ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_73c0f9b3-83cb-4573-9839-fcc7d3d3f80a_1634211332560.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6026d009ef5615708c7dd6265a1344c2e2cccdb49e9b6ea0c432efa70124cdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 265562
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:09 GMT
server: cloudflare
etag: "65b43e6541c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9rryj2NjonpEVywHCNGFu8Jl6uGH5GXoeEtr6GyOXuZAEXm%2ByfQQCUeINjqwVPGqwdNFpSi4%2FRP4ilhJXQcU2xp60q1XBfPoakK0whRFVU5ckqYCLny7%2BVonMGZ7di03%2Fj%2BneVZXInrR9BD3GApPRLaDiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa7ee09001-FRA

GET
H2 200 id_cbd_81dcee02-4049-4703-b1af-fe136cccc67f_1638891139190.jpg
api2-hy8.tr8ngames.com/images/ 306 KB
307 KB 909ms
833ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_81dcee02-4049-4703-b1af-fe136cccc67f_1638891139190.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6712d97891281fa1c4f5ca7fa525b6724068d2da5a6654e170c0a4bb0bfc178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 312964
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 23:38:01 GMT
server: cloudflare
etag: "776d5aa243f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3M9%2FyQ5MYE%2FrX8ovBZjuORk4WDj1Nk8Qh%2FEFMN6CtRLy3aXeSQN18e6UcbdwXFIptXVaLgDB%2B%2FohTbhkq0cIbXHx%2FVtcItNGl3Sz8IkdzzVoJ12KPXgp%2BtqJsATMru%2Bl6R1eBkF77Dfl8LssZqp1akL3bI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa7ee19001-FRA

GET
H2 200 id_cbd_25a59932-d8c8-44f1-94f7-d8fdabb59f0f_1634211354287.jpg
api2-hy8.tr8ngames.com/images/ 268 KB
269 KB 969ms
893ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_25a59932-d8c8-44f1-94f7-d8fdabb59f0f_1634211354287.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd766ec3adb16a1365df479085ad59b1ae4902b1e1d5ee7fb99e66ec1fe00cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 274784
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:09 GMT
server: cloudflare
etag: "20909a6541c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTEDy2glbh7yEX7GNwvCVz906qC9iczu1z88ehtr4fkBqw7nGWC7ZZlrydsAwM%2BeIqXt40HHzvaPsYXJtlX6rYwAe6AoZi1J%2FRrkP7RtrWkRK3AmU60R6qjtzYnzvTNhfHy0wbQ5hsoNFXITv%2FxFrUMFctw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa7ee99001-FRA

GET
H2 200 id_cbd_8cd56462-aea9-484f-b480-f6a13253e13b_1638795764423.jpg
api2-hy8.tr8ngames.com/images/ 301 KB
302 KB 966ms
890ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_8cd56462-aea9-484f-b480-f6a13253e13b_1638795764423.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b11f3ebed0d1114ebcd6fbe310a5f40a8ef3545155998b2fd9d769993de24c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 307786
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 23:38:02 GMT
server: cloudflare
etag: "245171a243f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDJPLpAtkxf9SYpzGenpGki%2BTnxVW6pymRnCyFR%2FPYc0POYLhbT6m7fUZJTOrKiF5pFJj3ropkQqXhhtZPA4AlY3ZtzbOgyhymoSrdBTlc9PGezgBFqI0ABmTuGijC4yJGFkQQgTTfykkiJ3PSHUnApVRDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa7eea9001-FRA

GET
H2 200 id_cbd_5788559b-8649-4d47-bb60-29890218998c_1638891181227.jpg
api2-hy8.tr8ngames.com/images/ 308 KB
309 KB 974ms
899ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_5788559b-8649-4d47-bb60-29890218998c_1638891181227.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b067a1708ef09d669f50e78cef5228f06d66298a40bd3718f49ca9c86d8f99e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 315189
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 23:38:02 GMT
server: cloudflare
etag: "eb50a9a243f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOjZYct5GmyUyExB2EIyYn1PO7pmSawyLc35%2BeMmix%2BgCy3CAgo5OrpB30Qv5C26LXDrG%2BPgZQhfkrQTaDSq%2BHxX23w6iAIOK5QRtoRhTS1bNUpOfzIloe74yVIR0v39lhjyB53q4Atqnp0kctu8JqBig2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa7eec9001-FRA

GET
H2 200 id_cbd_0635b328-d7f3-452b-923a-4c5c9157cf95_1634211442480.jpg
api2-hy8.tr8ngames.com/images/ 276 KB
277 KB 862ms
860ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_0635b328-d7f3-452b-923a-4c5c9157cf95_1634211442480.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29f90d30fc7f86b6daa0138803f34079704437e4b11d2deb1c8717f0367291c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 282810
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:11 GMT
server: cloudflare
etag: "754b506641c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfd5Wq268F%2FbzuDaE%2FwEHDxRyFX%2Fp%2FT6q6Y%2B8Co0aTvY3tHcuxtDnwtjxJ0eLk%2FjGpXWn0AP6PN2EtrDNiAb3I3Q7CXNet8Q7xZ4RNQSOsYZ8g0ckyFfKMdKmGCY%2FOlFu76YBf3cMUvd9J5V9HQQbo2XzJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa8ef19001-FRA

GET
H2 200 id_cbd_de9c9eb6-1a93-4cad-a134-03147972cf68_1634211399523.jpg
api2-hy8.tr8ngames.com/images/ 256 KB
257 KB 853ms
851ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_de9c9eb6-1a93-4cad-a134-03147972cf68_1634211399523.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80965a7f538b31d736fd29457c9d13908c50a2bffd3ea8c4ad5cf746564d33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 262353
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:10 GMT
server: cloudflare
etag: "94acf36541c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsuSeCH42yxd%2BEPBc4%2B%2BNXlndbcbQ%2B9mlnC6RSVPEl5xmx6z9ze%2FAlN62OZQNtn9178UZmp9xzQeTn7A21%2FUp4Q2T2j8rfjD0aqDpUNfyMSUSzbj3kp%2BVsn18rm4OBOzEzfC4aZisYYIPCKDkNFnd0GukQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa8ef29001-FRA

GET
H2 200 id_cbd_fbc05e95-5b82-4e27-8ae4-0e202b55f007_1634211422853.jpg
api2-hy8.tr8ngames.com/images/ 284 KB
285 KB 908ms
906ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_fbc05e95-5b82-4e27-8ae4-0e202b55f007_1634211422853.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f9edc92a4cedec2d9164b63a2b5ced856d46e73b67e16fa8170d522dd35b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 291105
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:10 GMT
server: cloudflare
etag: "ddd2226641c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW13Hmf%2BAj3qpKOJ8y7EFnNhxJsty4n1wk6BBCtGr8BPh2Ox%2Bv86CLo%2Bdba8ojSWJUhUuc02cm7Wplu1Q6ydDtgJ0x4XTgLo2n7r9QlL9nFk6BPsc0RcuSlcjjZE%2BpKADB5orhj23uefo9wGLppc92oQiPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa9f1b9001-FRA

GET
H2 200 id_cbd_76f1d513-6c67-409f-a0b2-6ea212fd69ec_1634211377990.jpg
api2-hy8.tr8ngames.com/images/ 268 KB
270 KB 850ms
848ms Image
image/jpeg 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/id_cbd_76f1d513-6c67-409f-a0b2-6ea212fd69ec_1634211377990.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb0021f60da678c0fc52901057ad26b0a6d369c57dc6eb84915f6e90d3e938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 274937
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:10 GMT
server: cloudflare
etag: "22a9c66541c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZvumlhTkongAXR%2FLs7itt1Xr82o7cdKWPEEBpYxA5Kvr9DifLWvO%2FHovMWCemhMG3uHguOwDY5A4oZWbksPyVnpqzBL7k5ncC0%2BJdXErbQimYuht19bS%2FeIjz6P2lTotFBJLsSA23OfvKqIkMRVCuthXYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e8c4caa9f1d9001-FRA

GET
H2 200 pp-gates-of-riches-desktop.png
nx-cdn.trgwl.com/Images/banners/home/ 484 KB
486 KB 915ms
839ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/pp-gates-of-riches-desktop.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70b914fee505be534cff3c47ac726290689980ec28e650ec16069fd34dcf142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 496073
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Feb 2022 21:49:32 GMT
server: cloudflare
etag: "0feb8bfec21d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYvaBPm3acVzCIDfLf0Q1HOIAvQY1IJ7ryRh%2FygRFSRSp8dNmI69K0ceaMg%2F7U6yUkK5UMNPXYsha1fKcUCM3ChfSFL%2FFpg07wtnA%2FacRwOLWbDOal7C954L1uVLGAkAmHEhdOcLpeg5UiBffmNC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae8b8fe9-FRA

GET
H2 200 mg-bonus-epik-harian-desktop.jpg
nx-cdn.trgwl.com/Images/banners/home/ 223 KB
224 KB 940ms
876ms Image
image/jpeg 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/mg-bonus-epik-harian-desktop.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4eeb8ff0404f46053fc1d6f8a67ffe8f4a6c190fd2b640e8d0abe3c61b5e6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 228068
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jan 2022 01:35:46 GMT
server: cloudflare
etag: "045c8df8b11d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2n78iIpWLFhfSDVHLu4sePZN5CF%2F%2ByJw9wXebmW53iXNmzNQIh93JXks2sez%2Fej7mHEIkZAdASzuQUnwp7I0X7hV777uMUFEZmoZX9sHYe%2BN2HrMfo%2FaiMEqMZOZkGJJfLX4OVsIx63DhFwx3jt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae8c8fe9-FRA

GET
H2 200 9gaming-turnamen-harian-dqq-desktop.jpg
nx-cdn.trgwl.com/Images/banners/home/ 134 KB
135 KB 946ms
881ms Image
image/jpeg 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/9gaming-turnamen-harian-dqq-desktop.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26684fcc763c293c9689ddc3369c4f5638472fd78401d0508dde5489dc197595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136936
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 00:10:10 GMT
server: cloudflare
etag: "09d77b84928d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcDxE6hKAC5If77vYTtUswrd5WfitcbXjJ%2FSrESda5odmAOLIHupQASM17sV%2BrvbvyUoo%2FOacxVQQyuU%2Bq7SSpwNK1pvFeF%2BQGTSFynsWlKNJhiMUofloK12V4AUtVm0tKi0jOMazUroa%2BpqG77y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae8d8fe9-FRA

GET
H2 200 ionslot-fortune-cat-jalapeno-desktop.png
nx-cdn.trgwl.com/Images/banners/home/ 443 KB
444 KB 856ms
854ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/ionslot-fortune-cat-jalapeno-desktop.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296bbfa0b72f74ac94d80e0353e4ff2d8a2ded813826fad5b3fb220eb37a6480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 453513
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 00:05:40 GMT
server: cloudflare
etag: "0a2f2411229d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ykpp5fx1zjm8%2BEhsRyLZQZbc8Ar%2FPbXfmXFRHZwRuzE08Azvw6d5pB%2F1MhZOJ4dxkWT4RWvLElSXgGKIDXEubpaLpYMneKQnaTQ4wOa8WhiD3PzpOdGYv5qsoeRvJrLmnMzXTsV0CstUhOr0hSDc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae928fe9-FRA

GET
H2 200 hab-march-jackpot-race-desktop.png
nx-cdn.trgwl.com/Images/banners/home/ 430 KB
431 KB 887ms
886ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/hab-march-jackpot-race-desktop.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72a0c1d66756fbd3ea8a457fa51af59805561ffb5f402202335ff287eecee39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 439866
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 20:31:28 GMT
server: cloudflare
etag: "0d0f87fbd29d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwaivfLAHXoHfRIA1hsansg816RzrQKbli9hho5RPqptnxgUVw1nJ%2FCOqdJdYULyPISeZ6D8CXYza3EZqA6kLpRVvOkSqhipSnC5joo%2BtYlJNxAw5UUIf0dKz5I2hnedX54hmW%2BYsTJIjmqrZcyD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae958fe9-FRA

GET
H2 200 joker-grand-jackpot-desktop.jpg
nx-cdn.trgwl.com/Images/banners/home/ 234 KB
236 KB 840ms
838ms Image
image/jpeg 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/joker-grand-jackpot-desktop.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b2d744377e3d450f6f2795b98ccc23941d957f7a8ea89fd586e417e623d0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 239915
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 20:31:20 GMT
server: cloudflare
etag: "01c347bbd29d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73iJ6Jizd3WLs8A2OwX06Rvr3e3517CSpNQ1kPnHZQOLAQiYH79uixj5FRSYp7ZEt4QEmb7RChx85nkGrf%2BEuVlD5%2F8IRYSvoV%2BN2ERMT%2F4VV5R7yDqYduNCrifv%2BugWZEku9PNu0zVHH3MtNZyV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae968fe9-FRA

GET
H2 200 png-event-jackpot-drop-surprise-desktop.jpg
nx-cdn.trgwl.com/Images/banners/home/ 127 KB
129 KB 871ms
870ms Image
image/jpeg 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/banners/home/png-event-jackpot-drop-surprise-desktop.jpg

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49664535e6da336f8dd04e17aa68eb557897c7de9b3be942b196ed84f1bb52ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130274
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 21:48:04 GMT
server: cloudflare
etag: "024b5c482fd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v35nPpyHrbSkuHHiL%2B%2Bwep2vXBlT9k7nKfhVc91cE6Yntl%2Bwejmm01yWRf4PyC6XJssJUhKOm0xS7sbyt1ehNcHj9bzJJnUkocSTtxgE7Hxhh3TjpFH60TZARpPB59z5k6s7vmksGmAm%2B%2FWUZ%2FWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae978fe9-FRA

GET
H2 200 BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1646563079133.png
api2-hy8.tr8ngames.com/images/ 979 B
2 KB 612ms
610ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1646563079133.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 979
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Mar 2022 10:40:37 GMT
server: cloudflare
etag: "cf38239e4631d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE6mnd7S9cIENhI04d%2FeX3y8LXYNclLJuOGOBbWKxIZL8qsFl54%2BDJVpzfC%2FXvQ2IbzS%2FWFQ98pl%2BkpTT1P1YCtAeFt%2BM4D3rIuzFeHJfj20MEmm%2FyZ7GVAPW4sCcZVjHI1wsN3nD0CdW2O%2BgggL7OngnLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f1f9001-FRA

GET
H2 200 BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1646563359860.png
api2-hy8.tr8ngames.com/images/ 918 B
2 KB 623ms
621ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1646563359860.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 918
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Mar 2022 10:50:37 GMT
server: cloudflare
etag: "5cf0c134831d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLFx1K10HnspwakH7UB7jz8SJuF1vQoIBWS%2FcRWR3kFik7YmVBmiKf9vbdxBwBE03yTjQ2I7TbfxxtJL1Zz6bWm0CNfONJncuEbgz3XDR5pyb5Nl2h29s3Hg29QkZa%2Fw%2BvEEVBM9WUqRuwG4SBM4Vu3x0ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f219001-FRA

GET
H2 200 BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1642658721333.png
api2-hy8.tr8ngames.com/images/ 839 B
1 KB 612ms
610ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1642658721333.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 839
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Feb 2022 23:29:01 GMT
server: cloudflare
etag: "fb5568d0c322d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P%2BTcvqi%2Bi%2B54OGKCukGHxlfYUWwR%2FJjX1D5YFayECzLqCYjUGteLTTcNlJCvlZuRgB8JGwANQxCDHZsC8YV0GwNP5BtqFnORg68%2BZs1oH%2BWkj%2Frpqw%2FBXXTq9zmwHGb6jyJATa%2FW5srYGy8sHxOFKh6kcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f239001-FRA

GET
H2 200 GOPAY_6d9f75a3-3a2c-4be2-8179-3bbfd755d7cd_1618547094760.png
api2-hy8.tr8ngames.com/images/ 956 B
2 KB 622ms
621ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/GOPAY_6d9f75a3-3a2c-4be2-8179-3bbfd755d7cd_1618547094760.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01f26c1fdfbd986fa23c802d8e5b125b97afe4a9a556fdcf93c33fe888e9b29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 956
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:12 GMT
server: cloudflare
etag: "854eed6641c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuXXbjT9s4h%2Bv5Yh9T65feZE3rBPLWzqdZkzZWnppkXCTKVMFrDQDqfKhoJcauvRhqCNkmXrMpayI1y%2Bbed4p7qo3KTdFbcBbrzeH8JLepwKj9YrICbwKL5VenUCAAwuXEBv%2FdO7RXvQS00kHpZKPdCsIKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f259001-FRA

GET
H2 200 MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1640447670280.png
api2-hy8.tr8ngames.com/images/ 1 KB
2 KB 599ms
597ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1640447670280.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 1465
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Dec 2021 15:55:23 GMT
server: cloudflare
etag: "fcd271d3a7f9d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQw%2Bd3CyKT%2BlIH1Y%2B4jkVhT5L64XGem13CIRgcqs%2F8lCpXwWsWSIgSc0XyByWHWj4NZuwC%2BmsP67E48wr4rP24CjkrdnCh0J6eXraAHoq4H820BGoKpWTTzT8foMHWJGPvPtua6Z1wN7i09h65Wt%2FUV6oqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f269001-FRA

GET
H2 200 OVO_ddd6e876-f366-4b0b-a506-d0e8210c55e9_1636675125287.png
api2-hy8.tr8ngames.com/images/ 965 B
2 KB 613ms
611ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/OVO_ddd6e876-f366-4b0b-a506-d0e8210c55e9_1636675125287.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c04af3b1f1e46cb3f253b4ba1c559517a9fd1c18e06ebecdf8ba56b53ad2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 965
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Nov 2021 00:09:07 GMT
server: cloudflare
etag: "15b8e48259d7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbUABdazyAYxIjVH1fIIg%2FMwTVYtw%2BYw6U7jb5l1uICfmX7uWHbUEgWHauv%2F2TG63JnbN8pbqCkG%2BoFmQsHBollRLV1oUXWosfWr9xRHumzdFYWLw44Gce%2FG95m3vDTIgaftatrbVQWak%2FvBUGPR4S1MGXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f289001-FRA

GET
H2 200 TELKOMSEL_708c135d-74c5-482f-9d03-27a5f7035c60_1634747112593.png
api2-hy8.tr8ngames.com/images/ 923 B
2 KB 597ms
596ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/TELKOMSEL_708c135d-74c5-482f-9d03-27a5f7035c60_1634747112593.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642ef5aec86961d7777b10d275f354c767cc604c2390afc2790f2a40ec25cecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 923
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Oct 2021 16:38:07 GMT
server: cloudflare
etag: "b5be5ddcd0c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVFJMBE%2B%2FqCdkZHoAn3olCr5QxBDtw7A5t3wguVbk%2FKeeI0kE6QW3693EDHUryExrDUdwYK8pRb6%2F4a11yLDTIZEIO%2BVsePDxxuRoV0XIIym7juXmCgQabBsZQ9ZMdpbCVfo28aBm%2BHa%2BWdOfHe%2ByMVYp20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f299001-FRA

GET
H2 200 XL_ea2a82b1-ca96-4eb1-9a52-cf378c6405e7_1618547094760.png
api2-hy8.tr8ngames.com/images/ 686 B
2 KB 629ms
628ms Image
image/png 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-hy8.tr8ngames.com/images/XL_ea2a82b1-ca96-4eb1-9a52-cf378c6405e7_1618547094760.png

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78efbcc2ad2825c8f24702f16c32b27c731d6fcfc3dc4dd984134c6173d8a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 686
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 23:31:12 GMT
server: cloudflare
etag: "d089126741c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEpjmGSEYDHW3drR0AIKrP%2BuvZ0QasHt9aZATBv%2B3rkvgTGQJnqOZw7x4K8819UfTzxYMzP2BhM3DSilD0QDbCeWBkJcKAKvICLMBN%2F%2FWE%2FK4xHAngV1j2l%2F0%2BghiYjLewNAV%2Fb4k6ccb4h5ElbhzsvGjws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6e8c4caa9f2c9001-FRA

GET
H2 404 Instagram_c9acfbee-86fd-48e1-b1a1-a1104369faae_1646749840968.png
api2-hy8.tr8ngames.com/images/ 0
0 605ms
604ms Image
application/json 2606:4700:20::681a:f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-hy8.tr8ngames.com/images/Instagram_c9acfbee-86fd-48e1-b1a1-a1104369faae_1646749840968.png
Requested by: Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK captcha
172.104.41.68/ 2 KB
3 KB 282ms
281ms Image
image/jpeg 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://172.104.41.68/captcha

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

0468f6ba4529e9e72d41585904933dcf4e0197e2584810be5a023c19664b25bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:48 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so8Bl5Fha8lNyEScdaj8epmBpMqjoGTEqhlhfbzcgjedHI9%2FEad8srPuIuFAP6rG19%2FUdzWrZ5fUmPiNUroqBvnF45B6Iw27NVkXAE0ICz%2BZASWgj%2FXX6lTWZ62p%2B%2B7NHpC7E9U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: private, s-maxage=0
Connection: keep-alive
CF-RAY: 6e8c4caa8f9187fb-SIN
Content-Length: 1824
X-Xss-Protection: 1; mode=block

GET
H2 200 freebet.jpg
img.kotakputih.casa/images/hey88/ 191 KB
192 KB 109ms
33ms Image
image/jpeg 2606:4700:20::ac43:471e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.kotakputih.casa/images/hey88/freebet.jpg
Requested by: Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:471e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d70794a31349c39f0f8ea657ffc789593620edade134fed82e910715a297818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34541
last-modified: Mon, 06 Dec 2021 07:10:55 GMT
content-length: 195706
cf-bgj: h2pri
server: cloudflare
etag: "61adb77f-2fc7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QIeUfG8njAD0ZjDr2SkXmjsytohldbD5G%2BylUZcDS%2B129wzrM2fY%2BZ%2FQJYPUIX9cAFBouhrM%2FlLAbt7uS%2BihraiaeKIFQJ6V5wfpCTeKx2ZdhPl%2FQaa%2F%2Fkcyll9OcxpT8ECaxOKVDBskdoE3QGQqE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 6e8c4caacdc183b8-MXP
expires: Wed, 09 Mar 2022 14:35:48 GMT

GET
H/1.1 200
OK nexus-beta-desktop-js Show response
172.104.41.68/bundles/ 468 KB
179 KB 290ms
289ms Script
application/javascript 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/bundles/nexus-beta-desktop-js?v=rI8eEaPmGOZeFGhggJRpd83nN0jiPZOcJC8P3VOv5PI1

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

0446d0e7a11862ad0864ee2a11876e9437f25cbe6e5ca0aed3f45dc8e4aedabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 08 Mar 2022 14:35:48 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frCOE1oggkXwwPsWjd%2F6SBra%2FF4MDquaXbDRhM%2FrSZz4kXZ69pyRD3c%2F%2BkJ0HLHh2xuEDe1JKACU2lGlHyfSdMQl75H4jZNmSwycClOLpmjuZZHNpd2EmbHhig9uTNW%2BY2%2FyjEtE0XbeXlTKnB9W%2Fkg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
CF-RAY: 6e8c4cab2fc0567c-SIN
Expires: Wed, 08 Mar 2023 14:35:48 GMT

GET
H/1.1 200
OK desktop-js Show response
172.104.41.68/bundles/Home/ 37 KB
15 KB 448ms
447ms Script
application/javascript 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/bundles/Home/desktop-js?v=Z_ce32yiYgPWDn0rPN8MfXPoT8Fa3IuYkqVIwUOPyE01

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

ba8145cf848d2c72f03c234538c70eef27c8b12f4594da3dec4e48a74217eb12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 13906
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 08 Mar 2022 14:35:48 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X%2BEX7T%2BN6qrfcTc85mC3Rs0Opqm0LxkffE2MIyHldVntGj7D8ziviZBEs7jFEClb%2BZdAozo3EWVqtA2yHhcXZT90srLL1Lx%2B%2BzKFcokGlLQPcQBlK8Yl2eQGsDA6EVvk%2BThkqU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
CF-RAY: 6e8c4cabb93c6c7e-SIN
Expires: Wed, 08 Mar 2023 14:35:48 GMT

GET
H2 200 flags.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 24 KB
25 KB 895ms
830ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/flags.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

511d4acc3bf3da61b5d7892aea8b65aa67945425439c75dd3cf2cfa1d2630b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24958
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGgDuP71btOzOD3NG7aUu5Om3xgklDC1MfW1nK4k1SO8mVcUPLya4jwFRuRhYV4SjGBxax1lzxMbPxGcORuaZAdJ%2FNEUjHZcrUA%2FXWlsBWLAuhDD2l6jCp7BMAWfqYb%2F3nMg9N6gNxdOvBpG8Tlj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e318fe9-FRA

GET
H2 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 588 B
1 KB 636ms
571ms Image
image/svg+xml 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/live-chat.svg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: W/"0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkXzpOTPwqgmAJZ3EcXSwWxFyKjq3vgyEfwaxlFZ18G4yqpkxMc%2Ff2wpDDh10ecrfye7RgIjD07WUJMcburdiRgUcRkI0IfYOl6rDHcv4RnxCy1u05%2FwXdnvLovCFn7XMtbihFER2ZpunfPkv7Wd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e8c4caa6e2f8fe9-FRA

GET
H2 200 mobile.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 733 B
1 KB 655ms
590ms Image
image/svg+xml 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/mobile.svg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:04 GMT
server: cloudflare
etag: W/"06c135775c7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVtAPPdcCw2qAK6XsQf3M%2FD7RgD2W2yZsdXBmnTPNQTEkFtvrkSfIn0ItnF071wjxkOvv%2B9aut1VnOkyoIpCyw0G8pWoaptdflVFC18esECvqczXY7NjJPnuQbgZ8vfps803fu06N86DoGjWBWGs"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e8c4caa6e2c8fe9-FRA

GET
H2 200 news.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 336 B
1 KB 557ms
542ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/news.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dff011ccb52a0cf1b082e3a557246ca8a31cc7afb99dd695e2b6554f5e2fea8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 336
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdV4%2F%2Fuzv9J3pTheo1V3dzpcFxjSUOvFfYBM7NtFzcUPb9q3aB0%2F70gNgeEuEARRV4MYfwIZi86uG%2B6xmT4LFFQxRrTSX%2BGYgRbchpNw8VKsi3bUl%2FhRPYacIpRmvYrdICFYVLjcBDAL0hnmmEQG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e378fe9-FRA

GET
H2 200 home.jpg
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/backgrounds/ 56 KB
57 KB 836ms
821ms Image
image/jpeg 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/backgrounds/home.jpg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d68c2fed099818667fcce168c7dcdda4613c4163f9a7aa760f900abadd4b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57427
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:14 GMT
server: cloudflare
etag: "0a144e3e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCZNofroGkhYztOs1DbDlyIC1F%2BxyfjYs9l17B4eSMCAjc8OjkWui0L9VB6benQy9Nk1OCLVYeL1FSZb3HyQG5yrESWlsx9F9rxP9QomUUAuoCUJD4LBHIwW6Li4JKDFaI48Djf9M8Dt6EbtOn1e"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae8a8fe9-FRA

GET
H2 200 jackpot.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 16 KB
17 KB 797ms
782ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/jackpot.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89c23b0a66a0dbee30b0e02f1ce892302179eb910022d02d0b484ae7f075fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16738
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pb0eIVzxRZfWaU1jkm6a%2F9VFQ5pgAPNkXpLYMIFm1GT%2BttDu6eK%2FNA8lulndUDM2yH8MwHlgw58e9KQ7tEcNPXo1C6z6tBma3g%2FViMRVkUmSOJUKFFe7ozW7jia3nMai6SjmWNN9HGptJ7rsdXjf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e388fe9-FRA

GET
H2 200 new-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 507 B
2 KB 596ms
581ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/new-games.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5ac8f0c39a0d860bee7590a6fcbc147f7760f889bd27fc8b4be09edfccf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 507
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rzix87gU73g2t9AEg7ZIA%2BWP98cXgNLo4FzY9Trm9bzu0lyGtuzX5nUxRWPHE5xJYkuJS5ZQgE5L7BNePEPJDZcy5RtkJg%2BzVoHdjIVonYP%2BiFHuTRTSOc0%2Bzp6YmAlcY6XhWsRhcFAQFrOPGOLq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e348fe9-FRA

GET
H2 200 popular-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 360 B
2 KB 539ms
524ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/popular-games.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ade929071b57665452d1d4abde2ed8b52a8daa3d2ea88a34690cc769c8f344c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 360
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEuA%2FpQzybPiNX6BzFpTEKRgv%2BnM22s2dS2e8tKSZbPD9ndVxQxkNPL2a10kIBEWc7j08xhTqRfYp8sNfSHfMmjUrzMMEmammHxAEGIEoHlu7p6DqJNIfZnj6VQsl5xai0qxbb3yXeig25QthD9e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e398fe9-FRA

GET
H2 200 jackpot-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 404 B
1 KB 571ms
556ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/jackpot-games.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f3e6456694935c28fa4fbe90929d439c8c9585c96d3a60ebc6c7f1227cf7ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F5fI6ETDMZcoFzc%2FVPh%2FmVIoRKZcImTBhrf33XrVgaSUzUfSFuPBTomNf53ZFgc7LnedEDLFX1p1ArTg4lNc0xMT4F5n%2BB%2BKon61gcKVGPscUzQPkps0DZELyAtavdvJvtaU8fomq15zJuaFDc0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caa6e338fe9-FRA

GET
H2 200 download-apk-background.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 602 KB
603 KB 890ms
889ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/download-apk-background.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/Home/nexus-beta-desktop-css?v=3QTBY706xBJzO4T38C6SH7PQgKi3zzS4HdTHEKlxM_g1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705fe4ec4cb74e95c6e9d81d49fbeba6e75bf0d84e899ae5d015c71cd1a314e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 616234
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 02:31:40 GMT
server: cloudflare
etag: "04e69c4c44ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECetNF8nuOGo0Zyc9VLQWxfMTKDpD1ACVJGSA7ABZM%2FazvLV1wBRk827l6POJkWBSDiF5JrL1Pb5F1l7DPLekCfj47pZ%2BLEwcTilOLhnvVzXP1UN7rPGPnRDRfZ2XLHtDBBVXszsh3i9vJoDi4JS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4cab4fab8fe9-FRA

GET
H2 200 icon-sprite.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 4 KB
5 KB 566ms
565ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/icon-sprite.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4235
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Feb 2021 20:23:40 GMT
server: cloudflare
etag: "06ec4f1336d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UJcMw8%2FOYH8N9zc3jpQgrd8DK3I%2Fdc8%2FGMVe9jE2%2FhfA0zAPiZ9IMTIOUdfTVCxA47YVFtNiZ5OZupcrys1zR1GoPrR1UHHq%2B2Y%2BXt2JyEvKAGrQ1ayCwCqfX%2FyDFOBepoTlM%2FvO9zWuc2DgdMD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4cab4faf8fe9-FRA

GET
H2 200 vs1024lionsd.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
13 KB 566ms
564ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs1024lionsd.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da75aa03800149209497bac011174ac23eb37ce5831894643963f6df95d5b2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11744
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:24:52 GMT
server: cloudflare
etag: "0ea706e8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUyU7FiAbp%2FmxnrcXMT3bFZMYy16HmCZBpVPTYo9gzPYJ5Md%2FRduYgROQiubUrT5BIWNLKwZl%2BQJA4lk0JCdBCoBISLv0FymbnteiQUS92IZm5Qz7PgR15N9VEPq5FKEz2W8M4pzEyaJATzuCCY%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae8f8fe9-FRA

GET
H2 200 iw7az1sm3drhh.webp
nx-cdn.trgwl.com/Images/providers/JOKER/ 18 KB
19 KB 858ms
857ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/JOKER/iw7az1sm3drhh.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201bd0f8d49394d93dede9a5b9be7350c40d20697e9c09ab3e73be908c90081a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17956
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Dec 2021 00:17:56 GMT
server: cloudflare
etag: "092c9330f6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oL%2BrVvbeYMnwjb2iGm7TEDe2Mu20tnrVpP%2FFJb1JWyA%2BzqJzKFqg0a0lEgBOtHtwGS6oqrIVOA9BkoX6wN%2FxNocHoPW2XDQ56rVQsuV88Eqirrq3W%2FnlMAYbx1lFsm4pCHsMpSzq9v5MLHdnPRQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae9a8fe9-FRA

GET
H2 200 gpas_rriches_pop.webp
nx-cdn.trgwl.com/Images/providers/PLAYTECH/ 12 KB
13 KB 578ms
577ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PLAYTECH/gpas_rriches_pop.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5549f5525c20d57edc7d3ae822ad6d3cb4d5fc2c0ff2921b7c487587999f4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12310
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:00 GMT
server: cloudflare
etag: "07090a516f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h06AjPw4FWFxpetS8AQk0PBKgAMbp0Dog9Ouzl6%2B7TVLiuKap9BWhm%2FDVWfEz2RjuKS37CCjHI8ztPGTRmejS7NcoM7plNmbpEGIkYtG8kAk9BhsUypcBQBP%2F9xoCb9TVG85VF4dBhYCMzmNWubf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae9b8fe9-FRA

GET
H2 200 SGJellyFishFlowUltra.webp
nx-cdn.trgwl.com/Images/providers/HABANERO/ 24 KB
25 KB 876ms
875ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/HABANERO/SGJellyFishFlowUltra.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4206926650ac5f4dba4ee3f3f51a89f6fcaf895e677807486c8ce616f946f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24676
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:52 GMT
server: cloudflare
etag: "0bccba016f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h2vYybUixr0SBLZnOSz2n8%2BHgqjWoG8TTinhuUJqKezNNKZ2Ou4GmULNehcPLcZFm%2Feu65ij3KP39ryRhYBe6e2JRRqMklLMC5ylamB928LklDzFmHcZzYT5OYk2UGVdpqw6CUoyQrfqPPktKMS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae9c8fe9-FRA

GET
H2 200 SMG_playboyFortunes.webp
nx-cdn.trgwl.com/Images/providers/MICROGAMING/ 25 KB
26 KB 849ms
847ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/MICROGAMING/SMG_playboyFortunes.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4147d90124650418cd05066c006af47d978d6fcae6f495d08713771fd3e76aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25676
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:56 GMT
server: cloudflare
etag: "0162ea316f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wsZHLmKhfAN6QRtBs99C41KdScuvt8ktbIL15S6dDf2OLr9wI0AiOn2X8b8RJw%2BTAkdNHr3tnw0dM%2BALr25GMIITmRsct4Gxo8fsMV%2BG%2BJOlPiDNv85U%2FLWE6LwDZQIXzlkUyWIBB3LHOm3NIAl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae908fe9-FRA

GET
H2 200 treasures-aztec.webp
nx-cdn.trgwl.com/Images/providers/PGSOFT/ 28 KB
29 KB 865ms
864ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PGSOFT/treasures-aztec.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040bf02b560fb5befb82f5c6fdda73b2fa533162470d1ce7b75a7acd63ae6066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28450
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
server: cloudflare
etag: "0435fa416f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMcNJBk3f1fK4obXkTDMkqXotmmCVCFFaMrRgwTjnxCRSRDJ8yaKs1md8GIAfvZg0B%2FUa%2BYlgFcRAGfYgZkIH2mAEYH%2B0wfJzhZwS1cbceD51Yf9VzbOi974i%2BQSxA9YV3pe0zI7XaqyFCiVC7Or"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea68fe9-FRA

GET
H2 200 vs20rhinoluxe.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 602ms
601ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20rhinoluxe.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe934cabcff1421bcedf5ee7ba47db711c9a68c253ad37c853e352b79f87cded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12348
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:10 GMT
server: cloudflare
etag: "07f2b11e8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoo0OXgeLZ1rNStRHRK9n%2BSIFkZiaOKXPnggNGxBNRYPsFAzuhEHxSS1y4JgKFxnuUBnjUKeyoAE3H2uTCMUIa85oIFmGbvjGCq8YsSoO9xXH9heRblrJK5IB3uSfrx03wAy5GeByqt8TEUTEZZ1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea28fe9-FRA

GET
H2 200 hcu3p8r71kj3y.webp
nx-cdn.trgwl.com/Images/providers/JOKER/ 18 KB
19 KB 818ms
817ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/JOKER/hcu3p8r71kj3y.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270a8bd37c5263b9d5dedb1940270fc706c7cc5e8d8877e23e27277f1428973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18076
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Dec 2021 00:17:54 GMT
server: cloudflare
etag: "06598320f6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSf011f5TYvS%2B0fwIw4d4LyWFLLMoV7ub94BtyuoGjm%2BbcFwDgeqMoQX171swjSI%2FC1uBBnx0Yb%2FGTJsyK6aTrKLl4JnB5q3Af6IMJL8kG9zi9rPLnTrxqIIFntTb9XWSNMrW6MpEZJwcYKHfLhR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea18fe9-FRA

GET
H2 200 gpas_aogetroy_pop.webp
nx-cdn.trgwl.com/Images/providers/PLAYTECH/ 10 KB
11 KB 583ms
583ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PLAYTECH/gpas_aogetroy_pop.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5991342f8cb19585746f942d4937a1db02dccfd839809edb791ad83eb8afb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9774
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:00 GMT
server: cloudflare
etag: "07090a516f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W7LVHg73iqJCuz0vMxEofN0SL%2BdY%2Fxb1xT3nYscjaITRqPev%2FTTKDNOxy5h5MjR0%2FSn7BOK1a6sgCzMfd%2BQLT9TTuXGTUFJ7I%2FuLlB0If3XZb7l95VBBGRl%2FsXeeZzPUwXujgO2ArNq7a0uFsYL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea38fe9-FRA

GET
H2 200 SGLuckyFortuneCat.webp
nx-cdn.trgwl.com/Images/providers/HABANERO/ 21 KB
22 KB 834ms
833ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/HABANERO/SGLuckyFortuneCat.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb70134c1038b9202ef0dea6f2857c1eaa8928f42e8b0339185e2c9206e07eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21150
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:52 GMT
server: cloudflare
etag: "0bccba016f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTd1BxfdmsqjRt9VFBwrf0eaV%2Bm1Sqyybfc6uwMFfrMjn29x9d6EttALc8BMdJkPQneaQtw0%2F5fe0nim4VlZQXsDMqFSy%2BNtd78gIx7ABuioSvyfGYJ7uTxWDAhuRrgIsabECidc3p3m17fNhXt1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae988fe9-FRA

GET
H2 200 SMG_rugbyStarDeluxe.webp
nx-cdn.trgwl.com/Images/providers/MICROGAMING/ 25 KB
26 KB 878ms
877ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/MICROGAMING/SMG_rugbyStarDeluxe.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c879c4e61b57f4348613702e4ed173a074433907948d88e97df0345ef484c07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25484
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:56 GMT
server: cloudflare
etag: "0162ea316f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaXR5ckNAi9eD0wIQKaLU6mIjKiolUydnsEUSv78FoezTnYa2D5rjvwv9k%2F7%2B0hcsM%2Fe6na9SvjYLEKKT5oEtcARNbig%2BmjipMQrsDN9lLg5f0sWJLajhx15yWrUwauaZo230vx0mMGVaWXE%2BYOf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea58fe9-FRA

GET
H2 200 dreams-of-macau.webp
nx-cdn.trgwl.com/Images/providers/PGSOFT/ 25 KB
27 KB 828ms
827ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PGSOFT/dreams-of-macau.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

999e38e52011747d3578ed4d82847f31c203a1773871857a5496b7e26bde2243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25830
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
server: cloudflare
etag: "0435fa416f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlqYb992sdiApoqZldNsO7XAAIj5MIuQncabpwo44s7k8dsV%2B1ZmC9mPqGVl6KHb4nnYouj5WoV37VYIoLh4JaYGxiUBaNevEGr%2F8u%2Bk6sSBcPZLbBKnnRkJflXbFYsk4p3S%2F39W%2FWebDfmhv6d4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea08fe9-FRA

GET
H2 200 vs25asgardjp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
13 KB 573ms
573ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs25asgardjp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db1ecf5f3f94ec4e2ec618a4253a204dbb29a0ddebb670deb00ef17e5c2d7a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11514
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:16 GMT
server: cloudflare
etag: "06bf14e8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFvJaAxuIuejv%2Fp9CHdFh4A8DQcwp19ua15w5PPRnuMRdd%2FRNMKdVb4Hlhr52L6n%2FDPlnRixeNCwzxyYtTCG8OlLNKkpohdAw5AAsHDQf5x%2B1aauM2O9I%2FvgRUVacSdVTslrI3ArmErFbdDg4RfP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea78fe9-FRA

GET
H2 200 vs10madamejp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 561ms
560ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs10madamejp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7446e80f82d9eabad01cdb5e1be40a63666a70d76485b91c1e4d27e77bdf1940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12214
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:24:58 GMT
server: cloudflare
etag: "0714ae8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYGFWYFxHAZuhNro1KnoFjfyf4bFH%2BIJGyizNUIi%2BvXakN9KzrVpP9bThVCsMUZuXksnxXyTZqBSplcs2v2dkYdSVk4uY0vk%2BCM8od%2B1UHbqBCL%2Fi8NeqUm3LdecL27CHv1ppVKad8iVxB9%2Bj57s"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaeab8fe9-FRA

GET
H2 200 vs20fruitswjp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
12 KB 553ms
552ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20fruitswjp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef31096fe452b5cd57305aa63107b198b95dd94e1d79417781006cd6095a1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11284
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:06 GMT
server: cloudflare
etag: "025c9ee8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPraMu6VjYToDgf1Dci7op6LjLiTgLMg6kdciXjEsoazkZCASKKyvuj8hgIylqvEUadB%2FpBGHKfLPrlHpRAvmHvZ%2FduppNNO2xU8J92jdLIHabtMNG%2FN%2BcZBxG%2FebWZqiHxXow2prmy8UDPZT%2Bcm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae9e8fe9-FRA

GET
H2 200 vs20doghousejp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
12 KB 571ms
570ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20doghousejp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f35d4d2edcf0548f77d94b1e1395c8a8db4126963ae2ae750dbe759afea1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10968
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:04 GMT
server: cloudflare
etag: "0f897de8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8I%2F5PAg0sbwF0uyLyGATo%2BgpL%2Bx9gn207sa%2BXO2WJ3ZpvPMA3qDgVWo3fbjKvu5Ma8QKK4hqW3Lqtqy2B6yTjoQl857SaPB6f%2F%2Fb4WakuzD9ycW%2B489ec%2F07ARxE1k2R6Jh7DgxtpT1tkPgRjJH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea98fe9-FRA

GET
H2 200 vs1dragon8_jp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 592ms
591ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs1dragon8_jp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3776465d54f99fd586c8073512ff02f55e9b4ead97c8b0279ff3bd9f6cfc85df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12178
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:00 GMT
server: cloudflare
etag: "09e35be8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxUkXnFhNWIi1d%2BqfPjXuqVaYLErYcjnbWstw5Rcj2uVkChG4vkQYR9MUd2m3Xx%2BHuv6texw0f8MAocLe0cY7Xm5FGmIcYxtH69ILjC9iB5SoIVVNNVUQMoxvQp2s3qN07TFdwiKSfAmanwEZo91"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaaea88fe9-FRA

GET
H2 200 vs5aztecgems_jp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 9 KB
10 KB 596ms
595ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs5aztecgems_jp.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78270b3ee22279663af6c18ecce4af90167b5ea0a498f82b742f9aa1181c87c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9610
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Dec 2021 21:25:28 GMT
server: cloudflare
etag: "014e61be8f5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkgzHM0tpVtKdXLgqgrRB6tctn5FwdStsrmVNL74w7PIRgaH7WXj76Qs%2FA14hmUePJPY88BVvqvcLM0KeHJ%2FZvZApJn%2FY4BilrrsWlicsB329JTLOZgvzyVP%2B09QiGIeOvLwJvn3cDbOTbCNAIg5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4caaae9d8fe9-FRA

GET
H2 200 HY8.webp
nx-cdn.trgwl.com/Images/apk-qrcodes/ 4 KB
5 KB 534ms
534ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/apk-qrcodes/HY8.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a2c9acfce0e14f32b913958078ff4a5bd2d0875d4b5e88e645865c5e71a0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4029
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Oct 2021 15:11:47 GMT
server: cloudflare
etag: "44ecd4ccc4c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPkMKNkHKF8ipqssU%2FkM2N%2BsE63s6sSfEgaciW4exmLy%2Fg5gNntKUPH8G49sZ%2BSv3hYatoyZ2EPquPzs%2F2nr0jDc0zEZqJ0Um4JR3u23Vw%2BvzoxJt5RBq1GC9SgxlBTWmGLuRM4JlL3jhxh2cuj9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4cab4fb08fe9-FRA

GET
H2 200 download-android-button.webp
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/ 1 KB
2 KB 558ms
557ms Image
image/webp 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/home/download-android-button.webp?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f73170206161a1e3ecbe5dfeed0c4fd32c69daaa0272b9265f70bd2d57926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1124
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 02:47:12 GMT
server: cloudflare
etag: "038edefc64ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fwcc26FETsDe%2Fd2z%2FZbRnJk65XdIe9sPrtG1ylOm7Tln0%2F3IMcIidX6goWRymGkNFUSy4cWjjU2YRlnfL0D6Zml1l6LDA0Zdp%2BdNfJHdopswRfQAVz%2BdjETio4g0%2BHR3vqkcdQ7XiSUTlTn%2BfSP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4cab4fb18fe9-FRA

GET
H2 200 whatsapp.svg
nx-cdn.trgwl.com/Images/communications/ 1 KB
2 KB 569ms
568ms Image
image/svg+xml 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/communications/whatsapp.svg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
server: cloudflare
etag: W/"0c3abd379a2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FmhBPWvx7NDcrarI3bSvjYtdGDaWzF3xL7lSS%2F8313YHYcaoCHFt7Se40Q6A4k8Nnnov09E5whkqp5sc7m55MOXRaGcyWSEraABkuDdyUWwmozWIgWCXUFsIZsTlgXdaYcQp0F374qNLpqvj2cS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e8c4cab4fb28fe9-FRA

POST
H2 204 collect
www.google-analytics.com/g/ 0
345 B 39ms
15ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y115330H68&gtm=2oe370&_p=1679730504&_z=ccd.B&cid=942175863.1646750148&ul=en-us&sr=1600x1200&_s=1&sid=1646750148&sct=1&seg=0&dl=https%3A%2F%2F172.104.41.68%2Fhome%3Fregister%26ref%3Ddutafilm&dt=HEYSLOT88%3A%20Daftar%208%20Game%20Judi%20Slot%20Online%20Terbaik%20Gampang%20Menang%2C%20Slot%20Online%20Gacor%20Dengan%20Jackpot%20Terbesar&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y115330H68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 14:35:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://172.104.41.68
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notification.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/popup/ 3 KB
5 KB 294ms
293ms Image
image/png 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/popup/notification.png?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54143f726291cacdc5bf8c8a42fde67796eb1f4368e6c887fcda6697e36b514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3487
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1F26tMy0awnkKZkNN9Coh%2BJhO%2B3Fx8bZLdUcbEMmqfzNIMISHDmL8xNjzKKH1cq3Bxjfq8Y%2FDHfoCrG53hxcNlREqFMyXMOkTabCTgwhMvylOFqob4%2Bva2EyDAJ3MsQPHq1qPlNnbevUdtbyXJ8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e8c4cb01f358fe9-FRA

GET
H/1.1 200
OK js Show response
tickers.playtech.com/ Frame 7AF1 8 KB
8 KB 412ms
96ms Script
application/json 213.187.229.56
PTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Requested by: Host: 172.104.41.68
URL: https://172.104.41.68/bundles/Home/desktop-js?v=Z_ce32yiYgPWDn0rPN8MfXPoT8Fa3IuYkqVIwUOPyE01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.187.229.56 , Canada, ASN43937 (PTNET, EE),
Reverse DNS
Software: /
Resource Hash: 515aedfd85adc27203b2980960192cdb565966af782dc30e7cd2ca038dacc3e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:49 GMT
Age: 3
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=293
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8258

GET
H/1.1 200
OK refresh
172.104.41.68/captcha/ 2 KB
3 KB 270ms
270ms Image
image/jpeg 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://172.104.41.68/captcha/refresh?0.8587543390877128

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

cc213d83c31b0ee708ae33c8414a448b043eb244b71d7c5d819c8a16eeb91743

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/home?register&ref=dutafilm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:35:49 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FK99l41bMPb9WRyUIkG5bi3rbO09Xa%2F6SHAq28JuhrXuSzc5HkY42p32P8l%2FccbOqX5X%2F%2Bf5cRiykt15d2ADGz1d9j7mfZTqH8BK5UJb4EYNtrs4UoY0q51MlIB5xjxwAYiauo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: private, s-maxage=0
Connection: keep-alive
CF-RAY: 6e8c4cb0d8174d75-SIN
Content-Length: 1875
X-Xss-Protection: 1; mode=block

GET
H2 200 1fgtvq2er Show response
embed.tawk.to/6157097a25797d7a8901caf7/ 2 KB
1 KB 229ms
198ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/home?register&ref=dutafilm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abba160085e218323c3576fb0a38fec9132e9e24d135409c558ae295c2abecd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-6225a12c754"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6e8c4cb07c7623af-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Mar 2022 15:35:49 GMT

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 121 B
484 B 159ms
140ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d5bcc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 76 KB
27 KB 293ms
274ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d62cc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 206 KB
61 KB 397ms
379ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2060b969f277041f8ac99199e026231ddd1da5b969a5f7d18746ff864161fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"acd9a4e94762d82f523ab1e623af8c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d5dcc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 154 KB
37 KB 411ms
393ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a50396124fa8a8d001510dafc4b0fc4e870a2af183bd3ef2371e997896c0ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"30dd84441516564e17b8ae719674af98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d5ecc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 2 KB
1 KB 162ms
143ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d757cd3e96c84acf115468ec9ce80cdbb41a52d1c78dbf8e595f9e8293c6a98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"c674f58871fda7cd8f89e60f4c2bdbbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d60cc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 151 B
472 B 169ms
150ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6157097a25797d7a8901caf7/1fgtvq2er

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cb83d61cc42-ZRH
expires: Thu, 07 Apr 2022 14:35:50 GMT

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 4 KB
2 KB 227ms
226ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=6157097a25797d7a8901caf7&widgetId=1fgtvq2er&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9c6099e8cbd8537955087b030595acc89951197e5cec421499cfba8f3c1ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-fh05
server: cloudflare
etag: W/"2-59-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 6e8c4cbafceb23af-ZRH
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 755ms
738ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0278f9fb4270fd95e76f99679481329e5e33f19a1864c56de44f58c532f8dc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-r97c
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://172.104.41.68
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6e8c4cbbf880cc3e-ZRH
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 141ms
140ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://172.104.41.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
x-served-by: visitor-application-preemptive-gtvh
access-control-allow-origin: https://172.104.41.68
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e8c4cbb0cf723af-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 id.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/languages/ 15 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/languages/id.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b937e693f251d663ac0b9855e0ead79c129f6762a10caac607385e961283a290

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 498
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"ba7e2ba4aa321fa87f42066a44e8c829"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cbc68ffcc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 7 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"1180d712a02848854eab38e1736e2616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0ceb4cc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 16 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

491d5591bc4e20a75fcb83094baf7750ca156a46708f3083867ad81be62dd925

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"7fa59a8543abb34a957e57dfa3d6c9ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0ceb7cc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 10 KB
4 KB 45ms
45ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3bc991894696096648f72d1bcf710b36bf6ed392f5ab9ea43ed9320d2fc03de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2449
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"d2ff3e7b6543e5bd7b128a6cc6018a38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0ceb8cc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 16 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ece5164ad0cbbcb2f1ddfd2493e66713ffbbfc4dc48c9d2f88a1fdf942b063d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"87101b515797c22e12768ce58003f0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0ceb9cc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 942 B
799 B 45ms
45ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0cebacc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 546 B
688 B 23ms
22ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0cebbcc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 11 KB
4 KB 33ms
32ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0cebccc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/6225a12c754/js/ 70 KB
16 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3fd12f6868eab82ef4955ed0bd69f4020d68ecb1d5c8183d1f98a17a8623aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"4ebed0c978644c006e76d753e250d665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc0cebecc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/6225a12c754/css/ Frame 0F03 24 KB
5 KB 23ms
22ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2569
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 14:35:51 GMT
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc10f11cc3e-ZRH
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/6225a12c754/css/ Frame C1ED 37 KB
8 KB 30ms
30ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2578
cf-polished: origSize=37650
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 14:35:51 GMT
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc12f2fcc3e-ZRH
cf-bgj: minify

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/6225a12c754/css/ Frame 2A3F 72 KB
14 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44a41a1ca5c56b7c8e93f6ac217c528a9fb559c3060d08816655dd8e047a177

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2576
cf-polished: origSize=74174
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 14:35:51 GMT
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"10800e304a016c10a8f6e969ac0c17d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc14f49cc3e-ZRH
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/6225a12c754/css/ Frame A456 13 KB
3 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6225a12c754/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2445
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Apr 2022 14:35:51 GMT
last-modified: Mon, 07 Mar 2022 06:08:42 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc14f58cc3e-ZRH
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 0F03 7 KB
665 B 44ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/css/min-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 14:14:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 14:35:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 14:35:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C1ED 7 KB
665 B 36ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/css/message-preview.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 14:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 14:35:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 14:35:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2A3F 7 KB
1 KB 22ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/css/max-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 14:13:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 14:35:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 14:35:51 GMT

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame A456 22 KB
6 KB 22ms
22ms Image
image/svg+xml 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1284937
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e8c4cc18f8acc3e-ZRH
expires: Thu, 07 Apr 2022 14:35:51 GMT

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame A456 10 KB
11 KB 141ms
139ms Font
font/woff2 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/6225a12c754/css/bubble-widget.css
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6e8c4cc1a902cc42-ZRH
expires: Thu, 07 Apr 2022 14:35:52 GMT

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 55ms
27ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 165998
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e8c4cc1dcb30208-ZRH

GET
H3 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 588 B
2 KB 584ms
583ms Image
image/svg+xml 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/live-chat.svg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: W/"0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obEmc6no5VljZd0vJoo%2B0N1i1PD1%2FtR6RftHTdK%2BZc%2BE1tWuJKbN8Rnrfgu%2FGbEE1Eds2%2FU7MJ07yQ%2Bs9PdHPvQh6a6yRaaJeVPwqgzR5y3%2FHX%2FPqQ62JlfoJtkJHeHyYEWxSwWck9g8b9xOzWp4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e8c4cc1bdf08ffe-FRA

GET
H3 200 mobile.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/ 733 B
2 KB 570ms
570ms Image
image/svg+xml 2606:4700:3036::ac43:a29f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-gold/desktop/layout/mobile.svg?v=20220222

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/Content/nexus-beta-desktop-css?v=kxkw7jNXJ4K6LbUcM2NR_Wj8MIYv_Wo_LpI0EFO4DyY1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a29f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://172.104.41.68/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:04 GMT
server: cloudflare
etag: W/"06c135775c7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1khge9Ayu1Dtwb0Ge%2FQ%2FBzwqlHBt0I1Fdqlwh6hKSED4BpwqYD7CKJkf0GqDfwvBcJbRzLMrMtRMYAKfHPGRxW%2Bi0CQE3JUnQqBM2I8eeIeNWFN75u77bzqMx2rHrCsYUMm90G7eCp%2BC9Ipb8M1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6e8c4cc1bdf18ffe-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 0F03 23 KB
24 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 500696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:55 GMT

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 185ms
184ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://172.104.41.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 08 Mar 2022 14:35:52 GMT
x-served-by: visitor-application-preemptive-4336
access-control-allow-origin: https://172.104.41.68
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e8c4cc43cbecc42-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
344 B 158ms
157ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.41.68/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 08 Mar 2022 14:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-7b9b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://172.104.41.68
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6e8c4cc56e8dcc42-ZRH
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 female-35.svg
tawk.link/avatar/ Frame C1ED 5 KB
3 KB 83ms
39ms Image
image/svg+xml 2606:4700:20::ac43:4761
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/avatar/female-35.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4761 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

042173c3ad9cd2ba2862084cd253626fbb91932f676efafcb44cb9430663d8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981257
x-powered-by: Express
last-modified: Tue, 21 Dec 2021 02:34:00 GMT
server: cloudflare
etag: W/"143a-17ddad6a765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALBAhzsYwrS6%2FDMKfuNGr16dMqJHi9258x4Wxadr9%2BtRt5ejikNpZQuYlqO3WXJAkyE7aIuzmZY%2Bi9GC%2FeZyCyhmA9r8LZfC9qvy8Bp6ZfzGUK5P1Ya%2BXNrNeyIeYVSp9eyIg%2BW6Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2592000, immutable
cf-ray: 6e8c4cc8f99df917-MXP

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame C1ED 10 KB
11 KB 42ms
42ms Font
font/woff2 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6225a12c754/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/6225a12c754/css/message-preview.css
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:35:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6e8c4cc8bb37cc42-ZRH
expires: Thu, 07 Apr 2022 14:35:53 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame C1ED 23 KB
23 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://172.104.41.68
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 500698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:55 GMT

POST
H/1.1 200
OK online Show response
172.104.41.68/session/ 56 B
2 KB 269ms
269ms XHR
application/json 172.104.41.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.41.68/session/online

Requested by

Host: 172.104.41.68
URL: https://172.104.41.68/bundles/nexus-beta-desktop-js?v=rI8eEaPmGOZeFGhggJRpd83nN0jiPZOcJC8P3VOv5PI1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.41.68 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1621-68.members.linode.com

Software

nginx /

Resource Hash

1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://172.104.41.68/home?register&ref=dutafilm
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 08 Mar 2022 14:35:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SY7M5AaQvOP5xluufz9jvV71FEy%2F55Y5GawFvPdYEjaBiO55ObNDKKSW8Df9N3SQMr7Zd62OF%2Bv2guFExaNRd9Q4C8OvGHAVmUkql11ZdPzNu%2BHkGAYa3DQUgJpKfKHUkYo5h6fQh8o3sqa31KBkPqY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=utf-8
Cache-Control: private, s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6e8c4ccfea766c63-SIN
X-Xss-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
172.104.41.68/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bvvol2530amez4p2btktl3yt
172.104.41.68/	1970-01-20 02:09:02	Name: referral-code Value: dutafilm
172.104.41.68/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: HuO0NgAxcyNmWguk0swePuiV2DY-yIoI3OA4zeL_QkAL9JSoL2lBtKcRgkExzjNPbtyt8CcB6S0gRs--0r77S_WNwhsE4IsqSrw7g0bGrV01
172.104.41.68/	1970-01-20 18:57:02	Name: _ga_Y115330H68 Value: GS1.1.1646750148.1.0.1646750148.0
172.104.41.68/	1970-01-20 18:57:02	Name: _ga Value: GA1.1.942175863.1646750148
172.104.41.68/	1970-01-20 01:35:54	Name: AWSALBTG Value: twiGDhlgTza6BNAnqs2gpqfmyfwdy0J6BJ3nveEsh8hz907OTKvNYWkGo4DkYWW8iOAkXXwOt2hxa61P55yY3OcEnQJQXb7hWFtlcejAm/CU3UummI2nizdGc1FAK+kf/BmEIyJo+niz72Rht4oyGnl3J5AppG/CcgMu7yDOWyh5N25XbDY=
172.104.41.68/	1970-01-20 01:35:54	Name: AWSALB Value: OW2tFE3S+Q3APYcGIGvsONEBySP6n0tPlvNVDwOJ/fte2bcpXS4WIWnUDZRM0+iZcHnIqhsYrLvmTl9X8twVTqrtsJRnUwQZwWc7rcIRoVwTjK99AlVpjmxJp9+m
172.104.41.68/	1969-12-31 23:59:59	Name: twk_idm_key Value: g_WEqwS-akiFxR19yrV8y
172.104.41.68/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
172.104.41.68/	1970-01-20 05:45:02	Name: twk_uuid_6157097a25797d7a8901caf7 Value: {"uuid":"1.18PseoetEbv9gAPXhVy9Wc2YG149o1SOKe1w0nvNqMjH75qFBTXNoXNGYrur5wmoO00LhrG1dsulf3nQt2gUXpYyFTL7xicsFns7as2wuwJbyCdXxbPcNRMQdXxbgejAbvCgLDbY6ej2B3N3zd","version":3,"domain":"172.104.41.68","ts":1646750151799}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api2-hy8.tr8ngames.com/images/Instagram_c9acfbee-86fd-48e1-b1a1-a1104369faae_1646749840968.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-hy8.tr8ngames.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
img.kotakputih.casa
nx-cdn.trgwl.com
tawk.link
tickers.playtech.com
va.tawk.to
www.google-analytics.com
www.googletagmanager.com
172.104.41.68
213.187.229.56
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:20::681a:f27
2606:4700:20::ac43:471e
2606:4700:20::ac43:4761
2606:4700:3036::ac43:a29f
2606:4700::6810:5514
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
51.210.32.132
01f26c1fdfbd986fa23c802d8e5b125b97afe4a9a556fdcf93c33fe888e9b29e
0278f9fb4270fd95e76f99679481329e5e33f19a1864c56de44f58c532f8dc2d
040bf02b560fb5befb82f5c6fdda73b2fa533162470d1ce7b75a7acd63ae6066
042173c3ad9cd2ba2862084cd253626fbb91932f676efafcb44cb9430663d8f2
0446d0e7a11862ad0864ee2a11876e9437f25cbe6e5ca0aed3f45dc8e4aedabc
0468f6ba4529e9e72d41585904933dcf4e0197e2584810be5a023c19664b25bc
09dbcb3cddf388ce3e4a0edc608e2ceff3256cefbb0567503b8326c6fe7a09a4
0b11f3ebed0d1114ebcd6fbe310a5f40a8ef3545155998b2fd9d769993de24c2
0d70794a31349c39f0f8ea657ffc789593620edade134fed82e910715a297818
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e
1d3fd12f6868eab82ef4955ed0bd69f4020d68ecb1d5c8183d1f98a17a8623aa
1e5ac8f0c39a0d860bee7590a6fcbc147f7760f889bd27fc8b4be09edfccf78a
201bd0f8d49394d93dede9a5b9be7350c40d20697e9c09ab3e73be908c90081a
25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288
26684fcc763c293c9689ddc3369c4f5638472fd78401d0508dde5489dc197595
270a8bd37c5263b9d5dedb1940270fc706c7cc5e8d8877e23e27277f1428973f
296bbfa0b72f74ac94d80e0353e4ff2d8a2ded813826fad5b3fb220eb37a6480
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
34984ad00abb1b783d6785ea2806cbac007736446357c28fe4a7574cdd60e195
34b2d744377e3d450f6f2795b98ccc23941d957f7a8ea89fd586e417e623d0a9
3776465d54f99fd586c8073512ff02f55e9b4ead97c8b0279ff3bd9f6cfc85df
3822d4f71c4276578e48d5325bdb5e0b2956155f26a01d8a470d422089cf23f5
3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181
4147d90124650418cd05066c006af47d978d6fcae6f495d08713771fd3e76aa0
414d328252c645d965da0dfb669ce2508572997718207bac420a080588eb7466
41c04af3b1f1e46cb3f253b4ba1c559517a9fd1c18e06ebecdf8ba56b53ad2df
424ebfdc53333821484efe2dd2e4299e8079cc3164dcd47691f094c790200fda
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
491d5591bc4e20a75fcb83094baf7750ca156a46708f3083867ad81be62dd925
49664535e6da336f8dd04e17aa68eb557897c7de9b3be942b196ed84f1bb52ca
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
511d4acc3bf3da61b5d7892aea8b65aa67945425439c75dd3cf2cfa1d2630b42
515aedfd85adc27203b2980960192cdb565966af782dc30e7cd2ca038dacc3e7
5549f5525c20d57edc7d3ae822ad6d3cb4d5fc2c0ff2921b7c487587999f4367
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5b9c6099e8cbd8537955087b030595acc89951197e5cec421499cfba8f3c1ffb
5ccb0021f60da678c0fc52901057ad26b0a6d369c57dc6eb84915f6e90d3e938
5ece5164ad0cbbcb2f1ddfd2493e66713ffbbfc4dc48c9d2f88a1fdf942b063d
6026d009ef5615708c7dd6265a1344c2e2cccdb49e9b6ea0c432efa70124cdd8
642ef5aec86961d7777b10d275f354c767cc604c2390afc2790f2a40ec25cecc
647f73170206161a1e3ecbe5dfeed0c4fd32c69daaa0272b9265f70bd2d57926
65f35d4d2edcf0548f77d94b1e1395c8a8db4126963ae2ae750dbe759afea1c1
667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
705fe4ec4cb74e95c6e9d81d49fbeba6e75bf0d84e899ae5d015c71cd1a314e2
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
71f9edc92a4cedec2d9164b63a2b5ced856d46e73b67e16fa8170d522dd35b47
72a0c1d66756fbd3ea8a457fa51af59805561ffb5f402202335ff287eecee39f
7446e80f82d9eabad01cdb5e1be40a63666a70d76485b91c1e4d27e77bdf1940
78270b3ee22279663af6c18ecce4af90167b5ea0a498f82b742f9aa1181c87c9
7a50396124fa8a8d001510dafc4b0fc4e870a2af183bd3ef2371e997896c0ffd
7ade929071b57665452d1d4abde2ed8b52a8daa3d2ea88a34690cc769c8f344c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
999e38e52011747d3578ed4d82847f31c203a1773871857a5496b7e26bde2243
9f3e6456694935c28fa4fbe90929d439c8c9585c96d3a60ebc6c7f1227cf7ad7
a29f90d30fc7f86b6daa0138803f34079704437e4b11d2deb1c8717f0367291c
a44a41a1ca5c56b7c8e93f6ac217c528a9fb559c3060d08816655dd8e047a177
a4eeb8ff0404f46053fc1d6f8a67ffe8f4a6c190fd2b640e8d0abe3c61b5e6b7
a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9
abba160085e218323c3576fb0a38fec9132e9e24d135409c558ae295c2abecd7
aef31096fe452b5cd57305aa63107b198b95dd94e1d79417781006cd6095a1bd
af2c26292bb75dbaf9a8e5ff20f7564aa3c0822edbc65b3f887a51e6306f7e2c
b067a1708ef09d669f50e78cef5228f06d66298a40bd3718f49ca9c86d8f99e4
b3a2c9acfce0e14f32b913958078ff4a5bd2d0875d4b5e88e645865c5e71a0bd
b6712d97891281fa1c4f5ca7fa525b6724068d2da5a6654e170c0a4bb0bfc178
b70b914fee505be534cff3c47ac726290689980ec28e650ec16069fd34dcf142
b937e693f251d663ac0b9855e0ead79c129f6762a10caac607385e961283a290
ba8145cf848d2c72f03c234538c70eef27c8b12f4594da3dec4e48a74217eb12
bac2b83e9b5ca55fa13ba2687ca9d50f5608a0d939acb25454962dd7ad5317d1
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c3bc991894696096648f72d1bcf710b36bf6ed392f5ab9ea43ed9320d2fc03de
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a
c54143f726291cacdc5bf8c8a42fde67796eb1f4368e6c887fcda6697e36b514
c78efbcc2ad2825c8f24702f16c32b27c731d6fcfc3dc4dd984134c6173d8a7d
c80965a7f538b31d736fd29457c9d13908c50a2bffd3ea8c4ad5cf746564d33d
c879c4e61b57f4348613702e4ed173a074433907948d88e97df0345ef484c07d
c89c23b0a66a0dbee30b0e02f1ce892302179eb910022d02d0b484ae7f075fa4
cbd766ec3adb16a1365df479085ad59b1ae4902b1e1d5ee7fb99e66ec1fe00cd
cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d
cc213d83c31b0ee708ae33c8414a448b043eb244b71d7c5d819c8a16eeb91743
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
d5991342f8cb19585746f942d4937a1db02dccfd839809edb791ad83eb8afb03
d5d68c2fed099818667fcce168c7dcdda4613c4163f9a7aa760f900abadd4b7f
d757cd3e96c84acf115468ec9ce80cdbb41a52d1c78dbf8e595f9e8293c6a98e
da75aa03800149209497bac011174ac23eb37ce5831894643963f6df95d5b2f5
db1ecf5f3f94ec4e2ec618a4253a204dbb29a0ddebb670deb00ef17e5c2d7a28
dff011ccb52a0cf1b082e3a557246ca8a31cc7afb99dd695e2b6554f5e2fea8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e846fb2ccbbcbfaf3548535474955706f7b6dba9dc117029a6a578eeebcd3c9e
eb70134c1038b9202ef0dea6f2857c1eaa8928f42e8b0339185e2c9206e07eb8
f2060b969f277041f8ac99199e026231ddd1da5b969a5f7d18746ff864161fcc
f4d4206926650ac5f4dba4ee3f3f51a89f6fcaf895e677807486c8ce616f946f
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fe934cabcff1421bcedf5ee7ba47db711c9a68c253ad37c853e352b79f87cded
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed

172.104.41.68 Open in urlscan Pro 172.104.41.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

100 %HTTPS

79 %IPv6

12 Domains

13 Subdomains

14 IPs

5 Countries

6841 kBTransfer

8316 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

172.104.41.68 Open in urlscan Pro
172.104.41.68 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

100 %
HTTPS

79 %
IPv6

12
Domains

13
Subdomains

14
IPs

5
Countries

6841 kB
Transfer

8316 kB
Size

10
Cookies

115 HTTP transactions
0 data transactions