URL: https://www2.tw866.net/
Submission: On June 30 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:20::681a:127, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.tw866.net.
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.
This is the only time www2.tw866.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

# | IP Address | AS Autonomous System
7 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
13 | 172.67.70.205 | 13335 (CLOUDFLAR...)
1 | 188.114.97.3 | 13335 (CLOUDFLAR...)
1 | 49.213.1.153 | 10098 (HENDERSON...)
1 2 | 104.244.42.65 | 13414 (TWITTER)
23 | 5
# | Apex Domain | Subdomains | Transfer
20 | tw866.net | www2.tw866.net | 436 KB
1 | x.com | x.com — Cisco Umbrella Rank: 3378 |
1 | twitter.com | twitter.com — Cisco Umbrella Rank: 383 | 4 KB
1 | inplayz.com | inplayz.com |
1 | fortuna888.net | www.fortuna888.net |
23 | 5
Domain Requested by
20 www2.tw866.net www2.tw866.net
1 x.com www2.tw866.net
1 twitter.com 1 redirects
1 inplayz.com www2.tw866.net
1 www.fortuna888.net www2.tw866.net
23 5

This site contains no links.

Subject | Issuer | Validity | Valid
tw866.net | WE1 | 2024-06-28 - 2024-09-26 | 3 months
fortuna888.net | GTS CA 1P5 | 2024-05-30 - 2024-08-28 | 3 months
*.inplayz.com | Sectigo RSA Domain Validation Secure Server CA | 2024-06-24 - 2025-07-25 | a year
twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-31 - 2024-10-29 | a year

This page contains 5 frames:

Primary Page: https://www2.tw866.net/
Frame ID: 818026AFA6B682C0C2BEA2171C468053
Requests: 8 HTTP requests in this frame

Frame: https://www2.tw866.net/tpl/login.php
Frame ID: B3F6E61C03D6A3FC27CAF0F4D8904485
Requests: 12 HTTP requests in this frame

Frame: https://www.fortuna888.net/
Frame ID: D219226A417177151962B4D54BCA36A9
Requests: 1 HTTP requests in this frame

Frame: https://inplayz.com/tw/leaderboard
Frame ID: A2D1127FCC98E0550C2B6899049A20DC
Requests: 1 HTTP requests in this frame

Frame: https://x.com/FORTUNA_CASINO
Frame ID: 679C0FF32B83ED290EDED12719BE0700
Requests: 1 HTTP requests in this frame

Page Title

Welcom!! Client User!!

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 436 kB
Size: 514 kB
Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://twitter.com/FORTUNA_CASINO HTTP 302
  • https://x.com/FORTUNA_CASINO

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www2.tw866.net/
2 KB
1 KB
Document
General
Full URL
https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014cc2dbac4314ebc1898f793314508c355edb387b5a932cab4a3e04f921a172

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c1fe97ae7e9a17-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 23:39:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K43pe4bW9dj6XQRd7J4OaGTPvk5hCoYAAOcrZ3%2B0EriHjhwEhDaET19vWG73vmKehNuV8WotwtN%2FlWeckPgQ%2FhEWJsRdnuC2yMd3nk7uvXjRmcNXwREAPL%2FGxv515gdSk3o8Ik%2Fi1NdvDB39Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-1.9.0.min.js
www2.tw866.net/jq_js/
91 KB
37 KB
Script
General
Full URL
https://www2.tw866.net/jq_js/jquery-1.9.0.min.js
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 15 Apr 2013 07:52:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180db0-16b8c-4da618754b100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8O9SGABAGP7hEz9NBGX9Wyt1QCMT5RJVmnRlABriuLhvBCOblj%2F5A8F2vB9LtJ4n2ArQ8TaZaIMBxiQdhU1LNyN46WKdm25DVKAgKBLwU12a61eZDiH2DBRSPSEiukYpxQqa6%2Fj%2FxckZ9Esuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fe9b38399a17-FRA
alt-svc
h3=":443"; ma=86400
content-length
37124
config.js
www2.tw866.net/js/
138 B
427 B
Script
General
Full URL
https://www2.tw866.net/js/config.js?20240701
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78cc6295c72135d8d9a647347163f73c361cf87709d04e599dc053e016bbd65b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 26 Apr 2013 10:30:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"180d31-8a-4db4106f63ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H99zxPG3ohLsZAkfy0e9wCtCeVkjya2f0L0ce%2Bztfa0lMnKJ%2Blxe7uruLu2x7ztTkz5UT6lwMqMY4mj%2FRcmsF7z8K7NcfLSPY2MNCzoiWCDezXQlUBwL1wICkXqOXR8oE4lnz0GkW6XwdHBNfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
89c1fe9b383a9a17-FRA
alt-svc
h3=":443"; ma=86400
json2.js
www2.tw866.net/js/
6 KB
2 KB
Script
General
Full URL
https://www2.tw866.net/js/json2.js?20240701
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9759915462c53f2bb071900f67e586d62a9b617ecbf0f7bef4f9d26f874145cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 20 Jun 2012 03:01:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180d53-1886-4c2de9e3a6d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqAf9zh6StuFV74zAvDlUAZTjYTPPy7Zl9tlnNSs3RZQToCJWPHeI6A5ON1aIohtw5nTHqYhobhskmVzMemymeRu3XTSQifKRavLpSha2znzzlyD6lR3F2tWa7O8PFfBds3qeRl%2Fj1vensbRMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fe9b383b9a17-FRA
alt-svc
h3=":443"; ma=86400
content-length
1795
public.js
www2.tw866.net/js/
7 KB
2 KB
Script
General
Full URL
https://www2.tw866.net/js/public.js?20240701
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0556683c1ecc901f2e1c40093dee2002b935353cecefaf9a48d0f97eca0f383f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 04 Dec 2018 06:59:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180d4d-1da6-57c2cd0245300"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxfIfVPC1t41D0Sw8eYiymAc2TGT0G1%2Fyuw2YgGLGSKC5ij8lUgP2mANuBU98ff9L%2BSv95XKyX833%2FHGyqLNm8y0b3yEBYh1swnUa5DJoHrSVjUe1GBzCHhVCg0bglabiDxvoRtGX1WwRFrtWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fe9b383c9a17-FRA
alt-svc
h3=":443"; ma=86400
content-length
2165
browser.js
www2.tw866.net/js/
2 KB
816 B
Script
General
Full URL
https://www2.tw866.net/js/browser.js?20240701
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138661c94b9154a24c2cb66a04175bbcc3f6b24dddad59b25e98195f1cead1b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 23 Feb 2013 09:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180d3b-8cc-4d660d135a180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEnSGx9aEhJa6r0jrV9SS8vPraGUyG0Qco2zyMKFUKzWSrPFmPLVyzzXitilQ88DyOybzs3UmL8iJRiG9q%2BrdmuwnpTQ4I%2FtfnTJA5AZ%2BQZhPYGMByGU0UUA2Z7u6UhRHM5yZ2YBHlL8Mdu8Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fe9b383d9a17-FRA
alt-svc
h3=":443"; ma=86400
content-length
482
userinfo.js
www2.tw866.net/js/
3 KB
1 KB
Script
General
Full URL
https://www2.tw866.net/js/userinfo.js?20240701
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f8d5a7ba1f1755a3652c5ba7dc5b1bdb599ecd67c03057cce4f9f5020322a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 23 Feb 2013 10:07:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180d2e-abc-4d6617aaa5e40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gFSyYdshAUQtELlkWq3CzOXd01quXvh9uV%2BCOG5AR%2BuNQ2tuQ1%2FnysXMeRbcfL5%2BziBBtmS9I5xtu9Eh09ozBok3J86j%2BlxRyjC%2BX%2BXG63TdnaITSwfnfbC5BmwlkMqFWkcLN7NkSbW1LJObLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fe9b383e9a17-FRA
alt-svc
h3=":443"; ma=86400
content-length
996
login.php
www2.tw866.net/tpl/ Frame B3F6
2 KB
1 KB
Document
General
Full URL
https://www2.tw866.net/tpl/login.php
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a36f0f9fb5f8b2fefc5647ea8d5fcaa3cc1724a908289e95aa33e080148c5d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www2.tw866.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c1fea348409944-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 30 Jun 2024 23:39:16 GMT
expires
Mon, 01 Jul 2024 0:39:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfPVnstPUayN4URjURWMkCDa8QxekFtj2mmGbICbqsnPEtueOObJI5pNwwvP3JDZC5KVRBrWeCRkcst2KhAW4TGjc3aLhIa8a68lDav4E73WqvS521YvzTfNi7djxGIl3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www.fortuna888.net/ Frame D219
0
0
Document
General
Full URL
https://www.fortuna888.net/
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www2.tw866.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c1fea3b9c84da8-FRA
content-encoding
br
content-type
text/html
date
Sun, 30 Jun 2024 23:39:16 GMT
last-modified
Thu, 27 Jun 2024 09:56:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1h7tKmGC5OIwTG0fuMlIZDFmEpwAOsujmuAyfEVLu%2FCCGeq8OcAHX9rG8vjlS2%2F2T%2BE2VwixeIcql8UAMpzMdbjWEPdL00tTuaeC1Zh0AdxPKHT9qA8nIWJqbRyyN8yhy3MDFs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
leaderboard
inplayz.com/tw/ Frame A2D1
0
0
Document
General
Full URL
https://inplayz.com/tw/leaderboard
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.213.1.153 , Hong Kong, ASN10098 (HENDERSON-HK Towngas Telecommunications Fixed Network Ltd, HK),
Reverse DNS
49-213-1-153.static.hdcdatacentre.com
Software
nginx/1.19.1 / Nuxt
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www2.tw866.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 30 Jun 2024 23:39:17 GMT
server
nginx/1.19.1
vary
Accept-Encoding Accept-Encoding
x-powered-by
Nuxt
FORTUNA_CASINO
x.com/ Frame 679C
Redirect Chain
  • https://twitter.com/FORTUNA_CASINO
  • https://x.com/FORTUNA_CASINO
0
0
Document
General
Full URL
https://x.com/FORTUNA_CASINO
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.65 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' blob: https://api.x.ai https://api.x.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api.x.com https://api-stream.twitter.com https://api-stream.x.com https://ads-api.twitter.com https://ads-api.x.com https://aa.twitter.com https://aa.x.com https://caps.twitter.com https://caps.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton.twitter.com https://ton.x.com https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://twitter.com https://x.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ws://localhost:8008/v2/ipc https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://x.com https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ 
https://iframe.arkoselabs.com/ https://vaultjs.apideck.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://x.com https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://static.ads-twitter.com 
'nonce-NzFhYjQ0ODgtZjQyZS00MGRhLTlhZWUtNDU1NjMxNzVlNDE5'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www2.tw866.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jun 2024 23:39:16 GMT
expiry
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Sun, 30 Jun 2024 23:39:16 GMT
perf
7402827104
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
06956f1c586d459c5e2bb16826b828057339707a664233a7f2af468b54b575af
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
x-response-time
105
x-transaction-id
32eaacc991bef85b
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-length
100
content-security-policy
connect-src 'self' blob: https://api.x.ai https://api.x.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api.x.com https://api-stream.twitter.com https://api-stream.x.com https://ads-api.twitter.com https://ads-api.x.com https://aa.twitter.com https://aa.x.com https://caps.twitter.com https://caps.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton.twitter.com https://ton.x.com https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://twitter.com https://x.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ws://localhost:8008/v2/ipc https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://x.com https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ 
https://vaultjs.apideck.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://x.com https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://static.ads-twitter.com 'nonce-Y2JjYjcwYWItZjRlZS00OTk1LWIzNTMtODhiOTMyNWZiMzE3'; style-src 'self' 
'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 Jun 2024 23:39:16 GMT
expiry
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Sun, 30 Jun 2024 23:39:16 GMT
location
https://x.com/FORTUNA_CASINO
perf
7402827104
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
vary
Accept
x-connection-hash
06956f1c586d459c5e2bb16826b828057339707a664233a7f2af468b54b575af
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
x-response-time
108
x-transaction-id
b3b3f75dd91769bf
x-xss-protection
0
main.css
www2.tw866.net/css/ Frame B3F6
6 KB
2 KB
Stylesheet
General
Full URL
https://www2.tw866.net/css/main.css
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4370ea0b7305cf597a1d7af59b457ac18dad9da24d36c2107ae4943c97ee71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180b9f-1811-5cdd60e5992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2cpy0NrMQvEDjg0K8%2Bk7ODw4a0BTthqi4oScJXypZEr0eBa801tmj1AqDJOJ%2BEPfGu053njggR0%2Ba1RxJ7SsH1WNscXytOillaBQhwu7fg3Y47H3swHPiRSRnn31KherA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fea69aab9944-FRA
alt-svc
h3=":443"; ma=86400
content-length
1917
all.js
www2.tw866.net/tpl/js/ Frame B3F6
0
0
Script
General
Full URL
https://www2.tw866.net/tpl/js/all.js
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOl4XUW2wZs41V5WU8uvFebtsh%2BNMONvSE2lpyFB6xAwX0VSEPhKjfX2TLWj5cunqGkFHYqOJTzbNyOxCygb%2FqfoYYP2W1frftxn4NjaJSxnyDrG6e%2F9YVtFTCJ27F68oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89c1fea69aad9944-FRA
alt-svc
h3=":443"; ma=86400
login.ts1709631765.js
www2.tw866.net/js/ Frame B3F6
5 KB
2 KB
Script
General
Full URL
https://www2.tw866.net/js/login.ts1709631765.js
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65087fa5169ac007bcf4a81570eea10b9cdce6ba98987c15ff22fc849fdd02e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 09:42:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1824e4-1307-612e6aa0caf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5jbV%2Fx%2BPdQ4XM6158J%2FExXud3tW3Rz5GlaJFxFp4L6UwSqNdv76ENUwJEjwNCwGIzxLHLevM4UU5XrT4yDUiTvt22ton8x79NueG5%2BNNroUrsFrbKUah5nPxlHJWhziog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fea69ab09944-FRA
alt-svc
h3=":443"; ma=86400
content-length
2003
bg_recballs.php
www2.tw866.net/js/ Frame B3F6
8 KB
2 KB
Script
General
Full URL
https://www2.tw866.net/js/bg_recballs.php
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daecef5867e1b1cd4cfedac55bffd6316cc5f07d42302dbeea016a79ef3e57fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qx1OhXIz7P0Dqy0khQEUtj3ZqbNux6GvtsjVAuMLe8cq%2BKk0y4ulc%2Fi1bSwllqhg2BM53ZtIps4NlcZPAipRKMZojv%2F9325SW8xoGeBe6B5%2BFKA4Jum1NT6MtcxuQI%2FyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
89c1fea69ab19944-FRA
alt-svc
h3=":443"; ma=86400
ToNewWeb.ts1641869756.js
www2.tw866.net/new_web/ Frame B3F6
5 KB
2 KB
Script
General
Full URL
https://www2.tw866.net/new_web/ToNewWeb.ts1641869756.js
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b7c4362ad73f2a27040edabde48f026eade2f7e67f6ba2dc9cc80d1bf284abd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 11 Jan 2022 02:55:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1838e7-1208-5d5459792e700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxUeTVhjqQwwzBkBsRO%2FCEXst8c977fvsKq23nP9Y5X7DRAcbD2KT00tvg8CQV3KmJUMLiBZJBAmyIxbVfvaLvmOpECPDMUC7sD81j8t6YYt5SEWNK3qSw5uYNZECGpS4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1fea69ab29944-FRA
alt-svc
h3=":443"; ma=86400
content-length
1437
addition_login.css
www2.tw866.net/style/ Frame B3F6
456 B
658 B
Stylesheet
General
Full URL
https://www2.tw866.net/style/addition_login.css
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/js/login.ts1709631765.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b880bf072954ce9012b92f4635d53a283078a3835572a1b2f8ea71fe55483a91

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Mar 2024 09:42:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1839f2-1c8-612e6aa49b840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2XepoeoIWVreArsCrTslnH37kFlrg9aZVNJw0a7UM%2FFjm2YW0d5siMn7PQDdeRNU56Vk5VRaWk1hzunXpDBExLoWX4YAqN6Y04Fg6zshI2MoEbjewEkcDroELp2UHm%2BwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89c1feaa1c3c9944-FRA
alt-svc
h3=":443"; ma=86400
login_add_pic.png
www2.tw866.net/images/ Frame B3F6
33 KB
34 KB
Image
General
Full URL
https://www2.tw866.net/images/login_add_pic.png
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/tpl/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f787dc22f4fc15c3820c977c2d92607f44367dc9e1c916edcb285af0a75fe22f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/tpl/login.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 04 Mar 2024 03:17:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180c0b-8417-612cd2bd15a40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdxiGV%2FyPCIrTl2zXjKOKnc9%2B9rYTKfevNI0Yt4HT2Gd2qSnHc6e0a%2FD%2BrcEDGVQgmwQyRhxOqSLh6I4z%2FCgW39b0iO4lF3THzevaku2SoxMaiBB3FiM8s%2BuYQqQiBBlcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1feaa1c3e9944-FRA
alt-svc
h3=":443"; ma=86400
content-length
33998
leftImg.png
www2.tw866.net/images/ Frame B3F6
145 KB
146 KB
Image
General
Full URL
https://www2.tw866.net/images/leftImg.png
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa2d51d8f82979842d9ffdfa8b056a0bf0f943ec0226c61ef3b69e8bd09e4fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"180bdb-24325-5cdd60e5992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qow03QzlWD1nUZGnLe4oQsfV%2FVm395pO6hsTNEpQZCdap4ZB2e2OGKGk3b3k%2BqpkE%2BJAPIeP4esoFchZ11YIjfZgn%2FMgl6Nhw3kd4oSAlB1uyCFxv2S%2F9OWXD1eLt1H9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
89c1feaa1c429944-FRA
alt-svc
h3=":443"; ma=86400
leftImg2.png
www2.tw866.net/images/ Frame B3F6
108 KB
109 KB
Image
General
Full URL
https://www2.tw866.net/images/leftImg2.png
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcec1339b94b1b2f8f8ee5ca7e94776ac9a5088d57be9752b874816b75b9497f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1837df-1ae8b-5cdd60e5992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7pWccG5M7UbNDYbmJhsniIPDkwWtzKuMJNhSk7yp4jZGXvEUr%2FImqC7Q339voeG9fB6N1sSxfeL2iaOpazjyJ%2BnVkC37CTNmAz1%2F1SvDgq2nOOEx4p9Csco48ywUVT%2FJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1feaa1c439944-FRA
alt-svc
h3=":443"; ma=86400
content-length
110690
logo.png
www2.tw866.net/images/ Frame B3F6
27 KB
28 KB
Image
General
Full URL
https://www2.tw866.net/images/logo.png
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5554de7827ccd0820adab03c8785daa45f026265603352e2985bd1acf50513bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18392a-6cbf-5cdd60e5992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9CKbqLius6G5zug%2Bmj7UTzz97Hf4kk6Sui0WCeLMOP5l%2Bs10kSUWYaxqbNM6oII4Mez%2Fj3MkDi%2BzYH683u%2Bw63qMsnSU2Yp22k40OqiGXQ%2Bj8iX7ryh5G54NicXCMREbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1feaa1c449944-FRA
alt-svc
h3=":443"; ma=86400
content-length
27967
background.jpg
www2.tw866.net/images/ Frame B3F6
64 KB
64 KB
Image
General
Full URL
https://www2.tw866.net/images/background.jpg
Requested by
Host: www2.tw866.net
URL: https://www2.tw866.net/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568611115d8f2a2743d07aecb52022087f366f8bef04c0e2e5d9ebe56b09beeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:18 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Oct 2021 11:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"183178-fe08-5cdd60e5992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wliVtMDJA1fdxJw0etlxT5mUVAqE9uB673FVqCzQg8CxTN8A7gJjurXtKkHuXBNlo%2BMJqHpy2KQj5ZMsyijYH7QikDvJ9tspuIbQnc5b1%2FDb1vqIsf0C5l086yFq0PBPUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c1feaa2c459944-FRA
alt-svc
h3=":443"; ma=86400
content-length
65032
favicon.ico
www2.tw866.net/
209 B
591 B
Other
General
Full URL
https://www2.tw866.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www2.tw866.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 23:39:20 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCnfH6gB9WLNgYMuL5pjA0InLxmMB4%2B%2FaEHbU0mRyyoUdkdgDF%2FUHVCRsoacIxiisYK4K6iVqyEoaqQ1PHNB9vT4QXKDERQj0wzwik%2Fn2ocqhT2hHuX7FZE1EljkMYHLCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89c1febbccee9944-FRA
alt-svc
h3=":443"; ma=86400


81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage boolean| global_webstyle boolean| global_nologo boolean| global_shwBingo function| $ function| jQuery string| rowsSet string| colsSet number| bgDivX number| bgDivY string| bg_close_position number| bg_close_align object| root number| intStamp string| char_set undefined| newcmd string| tmpStr object| aryMember object| aryCasino object| browser string| ajax_r object| arySet object| arySeq object| aryStar object| aryCName number| BallCnt number| intLANG string| strSGW string| SoundFile undefined| CasinoData object| aryNo1 object| aryNo2 object| aryNo3 object| aryFavor object| arySysPlaySet object| aryParame object| aryBetSp1 object| aryBetSp1_2 object| aryBetSp2 object| aryBetSp2_2 object| aryBetSp_N object| aryBetSp_R object| aryBetSp_S number| j function| getReplyT function| logout function| getReplyS function| getReplyA function| goToMyState function| chkNatural function| ListObj function| JQAjaxSynsSend function| JQAjaxCbackSend function| proAryToJSON function| getBrowserSet function| brsveras function| brsvergc function| brsverop function| brsverff function| brsverie function| clrCookies function| getOSInfo function| osverwin function| getBrowseInfo function| getUserAgent function| getUserScreen function| setKUKI string| strBO string| strBI string| strUS string| strUB string| strUA function| loaded

14 Cookies

Domain/Path Name / Value
www2.tw866.net/ Name: useros
Value: %7B%22os%22:%22Windows%22%7D
www2.tw866.net/ Name: userinfo
Value: %7B%22appName%22:%22Netscape%22,%22platform%22:%22Win32%22%7D
www2.tw866.net/ Name: userscreen
Value: %7B%22screen%22:%221600*1200%22%7D
www2.tw866.net/ Name: userbrowser
Value: %7B%22kit%22:%22gc%22,%22ver%22:%22126.0.0.0%22%7D
www2.tw866.net/ Name: useragent
Value: %7B%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0,%20Win64,%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36%22%7D
.twitter.com/ Name: guest_id
Value: v1%3A171979075650571032
.x.com/ Name: guest_id
Value: v1%3A171979075666225351
.tiktok.com/ Name: _ttp
Value: 2icXIMPoiQ7OMKUJfjC7uwqUwaN
inplayz.com/ Name: User
Value: %7B%22Account%22%3A%22%22%2C%22Password%22%3Anull%2C%22AddTime%22%3Anull%2C%22Rank%22%3A0%2C%22Token%22%3A%22%22%2C%22Name%22%3A%22%22%2C%22Site%22%3A%22%22%2C%22AuthKey%22%3A%22%22%2C%22Email%22%3A%22%22%2C%22HeadShotPath%22%3A%22%22%2C%22SiteID%22%3A%22%22%2C%22Status%22%3A0%2C%22RenameCount%22%3A0%2C%22MemberShips%22%3Anull%7D
inplayz.com/ Name: CookiesAllowed
Value: false
inplayz.com/ Name: TimeZone
Value: 0
inplayz.com/ Name: OddType
Value: EU
inplayz.com/ Name: Sort
Value: League
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGaB7KZ0xQq1CvsqAg==

3 Console Messages

Source Level URL
Text
network error URL: https://www2.tw866.net/tpl/js/all.js
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://www2.tw866.net/tpl/login.php
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://www2.tw866.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
