www.hk88casino.com Open in urlscan Pro
104.221.132.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ur2g7.gunthies.com/
Effective URL:
https://www.hk88casino.com/
Submission: On April 28 via api (April 28th 2024, 10:56:14 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 104 HTTP transactions. The main IP is 104.221.132.71, located in United States and belongs to ESITED, US. The main domain is www.hk88casino.com.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.

This is the only time www.hk88casino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:4700:303... 2606:4700:3037::6815:5fcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.92.232 163.181.92.232	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	18.172.112.42 18.172.112.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	104.221.132.71 104.221.132.71	22552 (ESITED) (ESITED)
1 4	52.212.88.72 52.212.88.72	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:235... 2600:9000:235a:9a00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
1 1	52.16.30.197 52.16.30.197	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:1c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.193.39.239 18.193.39.239	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.92.231 163.181.92.231	() ()
104	20

45 2606:4700:3037::6815:5fcb (United States)

ASN13335 (CLOUDFLARENET, US)

ur2g7.gunthies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.232 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-42.fra60.r.cloudfront.net

tags.benarnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.221.132.71 (United States)

ASN22552 (ESITED, US)

www.hk88casino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.88.72 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-88-72.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:235a:9a00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.30.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-30-197.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.39.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-39-239.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

ssc.benarnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hk88game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.231 (None, )

ASN- ()

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	gunthies.com ur2g7.gunthies.com	456 KB
13	hk88game.com www.hk88game.com	637 KB
6	gstatic.com fonts.gstatic.com	143 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	22 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 233 bbg.demdex.net — Cisco Umbrella Rank: 128234	2 KB
3	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1272	29 KB
3	51.la sdk.51.la — Cisco Umbrella Rank: 78995 collect-v6.51.la — Cisco Umbrella Rank: 63196	27 KB
2	sharethis.com buttons-config.sharethis.com — Cisco Umbrella Rank: 5071 l.sharethis.com — Cisco Umbrella Rank: 4715	1 KB
2	benarnews.org tags.benarnews.org ssc.benarnews.org	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	92 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	348 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1310	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 161874	269 B
1	hk88casino.com www.hk88casino.com	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
104	15

	Domain	Requested by
45	ur2g7.gunthies.com	ur2g7.gunthies.com
13	www.hk88game.com	www.hk88casino.com www.hk88game.com
6	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	tags.benarnews.org www.google-analytics.com
3	tags.tiqcdn.com	tags.benarnews.org
3	dpm.demdex.net	1 redirects
2	sdk.51.la	ur2g7.gunthies.com www.hk88casino.com
1	ssc.benarnews.org
1	region1.google-analytics.com	www.googletagmanager.com
1	l.sharethis.com	ur2g7.gunthies.com
1	buttons-config.sharethis.com	ur2g7.gunthies.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.benarnews.org
1	bbg.demdex.net	tags.benarnews.org
1	www.hk88casino.com	ur2g7.gunthies.com
1	collect-v6.51.la	sdk.51.la
1	fonts.googleapis.com	ur2g7.gunthies.com
1	tags.benarnews.org	ur2g7.gunthies.com
104	20

This site contains links to these domains. Also see Links.

Domain
vm.rampenbf.com

Subject Issuer	Validity	Valid
gunthies.com GTS CA 1P5	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
tags.voatibetan.com Amazon RSA 2048 M03	`2023-12-07` - `2025-01-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
www.hk88casino.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-17`	a year	crt.sh
ssc.benarnews.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-09` - `2025-03-11`	a year	crt.sh
hk88game.com GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.hk88casino.com/
Frame ID: C7E997EDE83C0B5F4A21D52E062E0C79
Requests: 103 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: E473C14FA1B8B980B8CE4861DCFD6827
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Website bán hàng trực tiếp chính thức của HK88-giảm giá cực lớn khi gửi tiền lần đầu-quà tặng hào phóng không ngừng

Page URL History Show full URLs

https://ur2g7.gunthies.com/ Page URL
https://ur2g7.gunthies.com/?btwaf=34045980 Page URL
https://www.hk88casino.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

81 %
HTTPS

50 %
IPv6

15
Domains

20
Subdomains

20
IPs

5
Countries

1443 kB
Transfer

3001 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vm.rampenbf.com/1eyhxrc8bcfgg1v7pbyk0cgk2y

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ur2g7.gunthies.com/ Page URL
https://ur2g7.gunthies.com/?btwaf=34045980 Page URL
https://www.hk88casino.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918

Request Chain 64

https://cm.everesttech.net/cm/dd?d_uuid=06563311276760962050454694656039395915 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7UCwAAAMVs8gNe

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 403 /
ur2g7.gunthies.com/ 143 B
658 B 369ms
332ms Document
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 87baa43868cfa5f9-FRA
content-encoding: br
content-type: text/html;charset=utf8
date: Sun, 28 Apr 2024 22:55:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T76PIYMfMRQw1g65KMaO%2BChFIK%2FDB4s0rXMgMpGeHc%2BotH3fXc29u27vcLTPdqrw%2FN2G2sl0yvs9XGILmYZAJIe3PmgjEDZc4NOHBaNLHGZzO5ZY3neNrLibT%2Ba7Wvq%2BkjpOXBYaXmp6wFLuldD2OxI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 / Show response
ur2g7.gunthies.com/ 36 KB
9 KB 16429ms
16429ms Document
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/?btwaf=34045980
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2fb3b23e9ecf9cbccbcf3eae8ace5ac9b339fc66c0347eb9a5f10111480ad3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ur2g7.gunthies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87baa43a99f5a5f9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 28 Apr 2024 22:56:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mf5c8Zl4JYW5k25c18fMKEp665k7kCo1BE9jtA1bOG4OD%2FtKTnPhqzbG0JByg4sTxc6WsBJ7AobIbjv5fWb8v8e%2F9xkgb4NEhjc%2BZSAVMKJlpwoXaihz%2BcEY5NLPkmMrn%2FqnK%2Fd2PdU1n2cFW4zNBxg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 610 KB
180 KB 805ms
804ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/default.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df083a053146d36f99daea6b5d3348ef38e9955487c5f223f09daf613b38d771

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 04:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"659ccc3c-98882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2NpCnWaJWdiW0YuhxtVRkZRLo2V97Wbikqr0HzlhKl%2BwrgF5Q2J1MSJu5HQYl9kvqQkh9k0rznMuScYF39mnwwhFAEq2wXamWFrMJKOCsEAj4GXPfRTQDGNbFwJxjX%2FKjAfIda5ogIdAWHgbi85%2F8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158e2a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 default.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 206 KB
38 KB 623ms
622ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/default.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5325062a4bcbc105515fc1f50831ad509422aaa9aebd0fc63154e3f1177999

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:41:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652778fc-33879"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5%2BXWQttAveotUXeKF%2BQaXwRlULH%2BM7mEp1qq0BH6Gwa%2F6bRhCzMSouwmeqiu53WXuGyv%2FYkyYpW3xZDO9tCbF0P3K2GCt%2FxzGKG0B0m45Q3fVmSmtXaFAmHt668DJTSNYPYVPRVe6sG%2BMrNqHPXMKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158e4a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 405 B
674 B 316ms
315ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/custom.css?timestamp=2022-06-24%2018:14:15.614318
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6b897ffcf23cc5ad4fd6f6a2b3e0075cc0fe8c3ddf1d228e6d4166698003dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:40:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652778d0-195"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB%2B4k7dFjlYhqfCuQR%2FjkCrrNVWtxGWkVY0gsD2hcdK4K93csexkqPCMY1aLc8BnaEDUjI38RZ5qtxuAJthM3nw3Vn7dR30bxkwyNFVPVlqM2VIBey6u%2BNo7d3F3lIklWdjr4yMEc5I0baO1IksoKrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158e5a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tealium.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 1 KB
941 B 322ms
321ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/tealium.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb8e7e84820ea31dd4864d4498faad211103b7042b9b6cb35281a8527cebc8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779cc-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnmGEld1usEiFnCW20aCEQ9kN5BkG8CvApByGKhI1Cn7cbP%2BhRrHXQwzHzYXxmQjqTtU7rNEw88T3O94CbG2UXSIUNCePIUGPnPzP5x%2BROQ%2FdLfzie%2FUjny%2FFo%2Bn3dlfGpoCpn4bVXyihhUAzrjr3PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158e7a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 modernizr-2.6.2.min.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 15 KB
7 KB 326ms
324ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/modernizr-2.6.2.min.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779d4-3c2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNKem1FZ4Wru9L7Q2AfqTzAIeCJOXDUfFPDEOo%2BZVsevks%2B3P0B%2F7NvTGF2BXCz8cOpCKWt58kvSEOmCdaDqEvPMpmCn9GpbN44oIlLgbbMpw2byRp8q%2FX76eYzKVAPhZ0C6NlwdtuKue4kdsSb4Z1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158e8a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 utag.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 252 B
631 B 338ms
337ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/utag.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4301ded2563a0304c0daa4858238efc1c4174095c6bf2a244168e7381c2a3b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779e8-fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWSDXN%2BouCDcru6%2BgjNXb%2F2bBG2NJArCkYeaTedEPbAhn6xQeWL%2FL%2Bm66MTIaEtMJmV4mGMMBumBZ08zVyRUK%2B2fsIEazFvdVduANh%2BsBVlLgCcXCrzf5TXmCTDRonL2gL51ap%2BS5ywBBzZ18yeIYUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158e9a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fancybox.min.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 67 KB
22 KB 472ms
471ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/jquery.fancybox.min.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652779f4-10a9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKna9BbHTPih3g6w6TrBr51P72NX2g1vCknBzMPieuSidCBiu6s2NSNyt9yfruTO%2B6GvvwZckYOYFxYBRog1tXOAcXEr5zJ9mRxfzx%2BxhEH49R3FSukQt3o6AdbVdoq1MeNaGGURmFvF4kWjKYF3YGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158eba5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sharethis.js
ur2g7.gunthies.com/template/Brasil/a3/js/ 203 KB
46 KB 673ms
673ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/sharethis.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:45:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a04-32d37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVW709Sq%2FrooLLkJTd1f5sRB6p1yDd4wvVYUqm9ICZupd1Da5mcpj1x6LbuFxZ4gyoEE5%2Fyh03KW6x%2Bk8SP9PHNNwX072VLgTuPAvP%2BR0EGWmcoBCfpxLPibjd2tp5luBhPgL%2BXOd6vJTWoXIcVsWC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4e37994a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 trackingdata.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 2 KB
1 KB 340ms
338ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/trackingdata.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992265ef5439b4925f0b0deeafb9061066e91515da7958f59bc399fc8e2f9b7a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a10-733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMhckwpYPZvuKiRvOuW%2F7wQYk7rtdX4uloja6GyGENJWw3zi4o%2FgZzihODhJYB4G3dizGb1qWEBvqobLST6OJWx7qNJQ6GcMgQ6rbDsy42TAd5gzTAr04Rq2BBtc65ZVQS4SscuoKKgCMIGTwq64aWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158eca5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rfa_responsive.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 42 KB
7 KB 317ms
316ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/rfa_responsive.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af1b42afb95212800e87123d521a7154072e6d4e2ccaced3974d325b04d46e8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277842-a613"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vx3OUGUlFz9JiObmIvi9fotTsBlnkkYIcBtiR%2BGt%2FsN3inbjYW1sbZi30zjAQ5YjHeKkdKCcLrZUmcecGleysAPXGJK0MoNtIe9%2F3LI%2BN8Pv8VT9pLDoOdGzEB%2BFdTEVtZn5sNR4jXtyu2g3i37B8Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158eda5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 jquery.sidr.dark.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 0
0 10600ms
10599ms Stylesheet
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/jquery.sidr.dark.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqqXUrSNbAI0xlDehiWQtUjyI47HbE6%2BRhbtngEj51voq8dVJl%2FXiwzCB9%2FlS8sJVxCCK5dvKAyIdmAfBFYvlFz6ehGL7qjSsHI3EkuVlSAOtqtM41cddA%2BvaJR0DSkKfEbP4kIVn901CWcV4MXLohw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 87baa4a158efa5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sidr.min.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 4 KB
2 KB 353ms
352ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/jquery.sidr.min.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a1c-e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sN36KcBcO%2FNrincPLs8X6MtfGpMpkTX8hgiV%2Fv7It83kbsq41FM84xRDyXuC8rNNg8SEJx2AcbKjESPkjtU7LyA9mu%2BnSiRistOBotHoJLlE138QgkT0sxB%2FxK4Diggb3lq3UQd7%2BMovve7Y1Se0QJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158f0a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 benar.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 7 KB
2 KB 351ms
350ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/benar.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0123e3039dbf234d506b0774986ef08e75fcac3fe7c965e5bd8640a14f02290

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277856-1ae8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvPQw7UnYPdFobUZRIVlGuOIAGo9GQosayvakQ2CJaDMOiQYP%2FpM%2FqMXxitHwq5x46fHQyLA2Ed%2BcdQX%2B4oQ2Q1b6AvzEvRMOy%2BamcD5RChLImtWUPlYWaot0GDyuqBaFvC3xoXoRXXYfpyMJzsNwgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158f2a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 service.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 71 B
532 B 320ms
319ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/service.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8729ca85a298b83df80d745512a143f2460abe7848da74126b25e09d40f2d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:38:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277862-47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkXi3RXUlJdZPN9dEkAMra7UB%2B0eiG%2FUfyDuX88Np5cXUXl8cgRSFYpM8cFBXCNt2g6MGEffwJ%2FPI9CrLseqOb%2FPHj2MNoF%2F4LgNt9G4YHy24CWLtOAiQ%2BwMWOchFZVucsXrN3Bvg2r4SuNVJwf1AYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158f3a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kplayer.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 5 KB
2 KB 329ms
328ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/kplayer.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd11f3d2f5af43d38cc7d2d61e0629909f1f1638cf5fef4a84fd4413465e644

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a28-14ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlGskMLKS%2BB5CZcDaCXMGyfit7VIMX2pdsOfxkJGoDy1omUPD%2BdXP0Mwe%2F%2FP9xzCFkb3%2BmN%2FHI46coKW7%2FdfseFJSIawl4Mve7cGiNlBpQXcMD25%2BPryQKVR4EfsteJUKCZwZ8wBhoYZuIcaM5hgXDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a158f6a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 orsxg5a.script Show response
ur2g7.gunthies.com/js/ 69 B
470 B 10406ms
10405ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/js/orsxg5a.script
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a5e1645a903494ee67716aa35ff8e2e00ba2adc530cdfca0b34dd5ce517e2d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPeuARpjaarXRRxiJrJbNtFVuS9E7rUZcoYob8yZ4fIV1YBQF55sWOeESf1xXlNO5YGMoXUnOj%2BqWqficBoCGiamqjbMIQABzSabFrW7djQmkiEcckpgdTSk6BXGe1lTArAEaYH9ganJ8w9EpPrWweM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 87baa4a158f7a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 slick.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 5 KB
2 KB 322ms
322ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/slick.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a4a5eb4f7fedc4d946dd6fa5c1ee9be4bc396b592490385a605ecbb22ef141

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:39:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527787c-1352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8hn60M8qbRH%2FsokfDOwpU8nIzLQ01e80YWzEA0DMh%2BOFGckk%2BwB2zS5fdTBCLI3Qt5%2BtuYVchM%2B5dOfkTFgR%2Bf65skf3Q%2FwL4dM25Jg%2FYKBV86ULABRSoWl2OXhloM3anxCl1QcTYFlXJ5hbGYjqbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4a158f9a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
ur2g7.gunthies.com/uploads/images/ 10 KB
10 KB 10579ms
10578ms Image
image/jpg 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/uploads/images/logo.png?n=&w=180
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Server
Resource Hash: 0ce5a9c1701c608219cee0ceb496e1311242be718d84819ab243ad85138ea581

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sun, 28 Apr 2024 22:56:10 GMT
cf-cache-status: MISS
last-modified: Sun, 28 Apr 2024 22:56:10 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Server
etag: "faeac4e1eef307c2ab7b0a3821e6c667"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdeVmJ5cyq%2BYoGwITNjKkxpStQdEUbw1VqwZYBmIcbEV50tj%2B8HIWnoeEy0LMMISWxfPY8fxn7RGeYkcbyqatQSYubax1KoL%2BW5aH5ajsCQOtv5Nq%2B0cx1aBgCzicsWHBT%2BmCz5skRDqQJi9Q5xelBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
cache-control: max-age=14400
cf-ray: 87baa4a158faa5f9-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Apr 2024 23:56:10 +0000

GET
H3 200 header_enlink_black.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 8 KB
8 KB 323ms
323ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/header_enlink_black.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a346e9e53d6b54b5075053c3728817e6eff5a781c95c3ea7d64512a9d50400

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277bfa-1f82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jC17zk210nEsKZIRtwqosW2%2FQn65Ghqiy9hEjnzYQJEO%2Fwo7pyTVvI55SXRl%2BzTTq65zyRGvC%2BBE%2BfvSX7YTrjCvPPwlEyFUyrpY5npZIp6OukS1nwtUlZRJarGkLB0lnri84oLfWXveawi6McBGkaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4a158fba5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_idlink_black.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 11 KB
12 KB 321ms
321ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/header_idlink_black.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0c65e68f43ee3a26128e8c516a9de1bdcaa463ae97d6e3ec6f9ca7646b9aee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:00 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c00-2cbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pn3mBxIpPUdd1fta3b4JF2nK8BaDYPCszQ5e55h%2F2uh0tlOFyiNwYxob3lEHXxG%2Fvsncrhc8bD7heKvw6JppFOTOmENnQLpINyor3UWtYa3fxSAUZ15Vhyt33aA0mj4ykJsDC60anfF4Om%2FM7LuCkm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4a35a4ba5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_mslink_black.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 12 KB
12 KB 348ms
348ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/header_mslink_black.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0b63987969ba7b2b8415f4c72ad9d8911ef888682a82971e1b6c3749f82e06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:01 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c06-2f8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGQLxNKvlq%2Fb0a47UKg1Cs8zKokVj7axdVz4EShzhGQioQBPjJmI6qbP%2B20vPONZzKveiK0jlpBwvKRJjwb1G%2FJF64i%2FY6nE8YqXHcekd4TdeCA%2FHe4oS%2Btt6Ydq1XUa0y7DGOWKkypqdd3HI1LyfLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4a55bafa5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_thlink_black.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 7 KB
7 KB 321ms
321ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/header_thlink_black.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c52364aa5bb36383e699d5bab6646c1a6e2ff7f000bd99ff4f13184b6714a7e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:01 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c08-1afb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8GcU6sjDtfeTf5O4Z7KcKgSOieYVkSlqx5CWUQ5NeaBOC2xrTTegSUpN8CvBJPt6vZzRPVXzrld0cRmLSlkM0eLI2svrgY91jWFVWMYZenJNmlFfAWTotS%2BS5SGWA5DikWmBk2dkKCGiPM8pP3Zh8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4a78d41a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header_bnlink_black.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 7 KB
8 KB 319ms
318ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/header_bnlink_black.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:54:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277c0c-1cb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIA%2Bg1aj76%2FKtqXEi07zKS%2FI5VF%2BpfawmFsiEzdp9YYwhkHuqKTXfbwnz5mV3eT6piBL30pS3l8PURZjE15JIjxUmRHXSQdVbdy4hBny%2BShLWjpzpfdo7MHiPXfVvNEDfD98lZ6CcmlYoEC0S43kloc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4e399a5a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET FRkJVRuij6OhMlOOZD
ur2g7.gunthies.com/uploads/images/ 0
0

GET
H3 502 D2ulnKZtH3I0qT8k
ur2g7.gunthies.com/uploads/images/ 644 B
644 B 318ms
317ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/D2ulnKZtH3I0qT8k

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSugN4nuknOTrX2R2qrjfVqA2fSAQ1xFJAb8eXq%2F%2Figtb57QlfM1GVkXB%2F3lPYC5gZFGZ6%2BtOUEdB4i3XiJRfP4BIuQNkLFcQwz6Wl%2Btb71ZMyEkcKWXKYwbwdWqyiDgQNoplK1YuiROPTO3hbROdeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9d2a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET IfB1VRuij6OhMlOAnGR
ur2g7.gunthies.com/uploads/images/ 0
0

GET Gzwuh69hMlQRxpnj4ohqozpk
ur2g7.gunthies.com/uploads/images/ 0
0

GET
H3 502 D2uyoUAyLFQRxJShZD
ur2g7.gunthies.com/uploads/images/ 646 B
646 B 338ms
335ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/D2uyoUAyLFQRxJShZD

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJXhDFWJXmx%2FEl4bV8OOXt8MKNmvDEdy5fDKSbelQ1TUqKmNMpccXA%2B7nSfWzotOpgP44BYsoBfSnVQFVvHB0Io3hCShpZKzDyoSKdgk1xZl%2F9QV3ghwdomuu14uPg3coEjaUBCKY0X8LzZSkRxnLxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9d5a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 FRkJVSHlZlOIrzVk
ur2g7.gunthies.com/uploads/images/ 5 KB
5 KB 317ms
314ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/FRkJVSHlZlOIrzVk

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsBruk5gRUWVvYFeX%2BcyCnt8bgQIpAa6qCcjUieWgOIfM4zyYbjbyFstfumnnnm4%2Bx6CkRAe3afVrKeeEPVIVEBbdoLJjiGwSoekmjc5uZMM%2FHYb46r2Oaa1xnhrqu9m9dAJI6%2Bi5K9A0OEexwr0Jcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9d6a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 IUW1rrT7tJ4tqTwQgT4k
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 322ms
320ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/IUW1rrT7tJ4tqTwQgT4k

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7eN8%2FzAFEtqAu6nS9boi4NpASelw%2Brc3WXEWRzRoB%2F5ZuaTVGPb5o9I%2BMZVVaAdWZ4uNAEnFfEyCMWFnuGRJgMqA445bzPnPN5EzrVU9ubKSdOqQ%2BaYPz1KY9ZMzaakqUyUsXIZYDH7zDSTjBEtNBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9d8a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 ITucLzS1qPOQo3Hk
ur2g7.gunthies.com/uploads/images/ 2 KB
2 KB 320ms
318ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/ITucLzS1qPOQo3Hk

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b0ogerq7ZRO9hP4jK3djbKFnQoL3PbsW1w14PKjmGaDHzBNnsGRV9wmOqoHrGzyI7y%2F%2FKIWwIxpK4jMAi04Hn07wWHpBsCxPii4E6w60U7SDbrYtldRl90ry4lFGLBgrmeKRvJ6Ws%2F5OFOYfcs5vOM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9d9a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 Gzwuh69hMlO0nBT7xJ5aZD
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 318ms
316ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/Gzwuh69hMlO0nBT7xJ5aZD

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2r%2FqfPXUeznZ%2BCEcB%2FCyBFhJTYtHMicV77w3Wc05UEi3o4utPeSGNde8w4V%2BeZwFnNWn84NQC5CnSvuW5n5Lxki11hX0sTaXfHk%2F52jp4VMjGI1vKOVXrxDoG8v8Dv9etjGntYZvgegPI0Q%2BxlaTkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9dba5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 j5EhMlOGnTyhVSEuZD
ur2g7.gunthies.com/uploads/images/ 652 B
652 B 343ms
340ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/j5EhMlOGnTyhVSEuZD

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mh40ObHpOJUL3R25z7o21fRgyvUdXUaWpoNp1bcTLYYF%2BQoJU5Vp6AMtkFbElijkOcb4pvte3vgKcj8auvPMMBcLwEovP5tXatZ8czMdLToJElTteYbBzz7VrCvWSrzns1Veylz6EYDmEtu4MJoPWQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9dda5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET FUI54ohOovO0nT-uhdScZD
ur2g7.gunthies.com/uploads/images/ 0
0

GET
H3 502 IGVmVSMc4ohUqPOBLGR
ur2g7.gunthies.com/uploads/images/ 645 B
645 B 334ms
332ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/IGVmVSMc4ohUqPOBLGR

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLn32NdmEOC8xphIUdpIdOCz607QMoX8%2F6l9vr%2FcAgKnLmHMIKL9AxklfMRkShBPJ8H1O2FtJy2ZJRc2wO8nfZB5teBn4JU64sNVk88Z3HyIHC%2Bja7VflNSFBOfq1fogZb3u%2B9o9OcqeFuD%2FRh9pfdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9dfa5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 ITIhVRuuMmbtIfB0ZD
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 322ms
320ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/ITIhVRuuMmbtIfB0ZD

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWDc%2F81y1aZtudgkT7W7IXphfXOV6GCKG%2FEXmmGMnb%2BWF3DVL2%2BOiTWBVJ45ZxetI7I%2FgkNWPPGRRYWxH5ZvLP9JLM1I75MC9cdIV0o0ioHcxtV%2BqJZSd9t3%2BZ7PbwS1hKztbrO%2BOR8ISFnyTx1sNws%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e0a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 FRkJVR1cn2IfVRRk
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 322ms
320ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/FRkJVR1cn2IfVRRk

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GqFbW7iAyWTMVsP1qYyOD8BC7cSn6182ukJFj1dlBx0v4GgkjxWxNA7ljc7Nc0vNRrRS%2BB4r%2BN3O2jA1iiTuK5BA4fxlMTworic2l%2BRWmVERzuteunOwuTYHrtdQkxpTIDa2SsHFA%2FxDjpc5UtPejnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e1a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 HKKuhdZtpTIhLJk0rGR
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 318ms
316ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/HKKuhdZtpTIhLJk0rGR

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o5IzlUDU169DP8wTafRjIz5KK0oGbyqCotJfCUXrq4qdNxcPGkQaELTW6d6PScnGm10C8hlAF6YcXUGRtQxYmYPYmWKEygI5bH2xvGAFg7ajN6c%2FyGLb19UPGIuCP06BRCfSMlJ2Bzr6rVn3IMK563w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e2a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 DhT6bJ4tM8BunFO0nrT7tGR
ur2g7.gunthies.com/uploads/images/ 6 KB
6 KB 337ms
335ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/DhT6bJ4tM8BunFO0nrT7tGR

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nY04to1yA47u%2FO3CLf1IjfW44UyPWHeM5ew55c75XC9CKiXKmLKqHN8xXY8fZlms0Mq%2F%2B1FtPGLpsjHPmMt8BkkKBP5nexN6MeGJGzXhrzsabygzPVf1FsP4zM4wdybnE%2BUTU7VnHQQ%2BGAG05rZ0yrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e3a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 GJywnTSyoPOCq2Hk
ur2g7.gunthies.com/uploads/images/ 647 B
647 B 320ms
319ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/GJywnTSyoPOCq2Hk

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ARy%2B5qJ%2BdW%2FOF8pLgcQKibeaW9ulRaAPdpDcI7DCt4KOJf7h8x1DBRpdIpGFKd%2BJr60NG32HNUxsj3mqWUm9UcAb2b3QRSsEAjdD4cPQakze4rl5pKAR1hBpfazsElBoB6l%2FhGeZo66IJ23xkh1Xfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e4a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 502 FRkJVRIlnJftqTHk
ur2g7.gunthies.com/uploads/images/ 647 B
647 B 338ms
336ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/uploads/images/FRkJVRIlnJftqTHk

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIymEooYtwcv7XolKoC2gWA3qU98%2F05HZB1sw54yKQ6eENSQ%2BcQ0TSEFOgaXRIU8bSsR%2FTKsokjcozbuITXdBPA0isYzu4yrsUVEizw%2FJTGGL70As0MDvRsBQHHCXWs6A08UlxIGNCiR93jgPzTjoiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3d9e5a5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
ur2g7.gunthies.com/template/Brasil/a3/image/ 15 KB
15 KB 490ms
489ms Image
image/png 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/image/5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 05:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6527871e-3bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F1iE4pD7Vm%2F82p5wS9%2BwYqa1kRzkSGJzkXypACFXpR1xLf%2BFWKIiv%2BOCTMwC1dKBGoUNgYcfvJ49kekxClvYWkHEbBg7wI2FGysH0JlLmQBaNLGZxJ24y%2B5XwfVZteESxorU9AULitzFYFb1ycCZBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 87baa4e3d9e6a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
ur2g7.gunthies.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ur2g7.gunthies.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6622d9ef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYq6gdnmbp9vMMq6AWdVKGZ02RzKoVwhxpNmilZ8m8DQSoqKk3GpmAYu3AaZT%2BPdvqDOXH%2BL6aGVuX%2FmSjVbH7kAccVj2IdV7cSa%2FT1UoCr0RrEsuJKhksc8dFBgKFz03afgBp6lKWphT31jjNSx3oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87baa4a99e8aa5f9-FRA
expires: Tue, 30 Apr 2024 22:56:01 GMT

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 36ms
13ms Script
application/javascript 163.181.92.232
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.232 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 05:53:19 GMT
via: cache15.l2de2[899,899,304-0,H], cache1.l2de2[902,0], ens-cache5.de5[0,0,200-0,H], ens-cache15.de5[3,0]
content-encoding: gzip
x-oss-request-id: 661F63CF68CDBA3836F78025
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 1011762
x-swift-cachetime: 1296000
x-cache: HIT TCP_MEM_HIT dirn:10:639477166
x-oss-cdn-auth: success
x-swift-savetime: Wed, 17 Apr 2024 05:53:19 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1713333199
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b55ca317143449615706547e
x-oss-server-time: 3

GET
H3 200 juxtapose.min.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 17 KB
5 KB 338ms
338ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/juxtapose.min.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf4c69e49acbeea24c42417dd9c4d6fa1d837d79470f02f3ec4f908ea676dec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:47:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a52-42e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGaX06Y5JWDqS3eBVTe7HUPYLDSH2bO9lZB7VkrhR%2F97ZREIF%2FMZKE4NiKL2Ge9BCqU2JHTDAOTGexWAzR6dRRsY35s7ZSAP2Tsvct%2BmZtY5hL2U3wGvysd6n6vetYqxhrnyN6XBA9b%2BWJX%2BKi9%2BIME%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4a9eec0a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rwd-display.js Show response
ur2g7.gunthies.com/template/Brasil/a3/js/ 1 KB
902 B 313ms
313ms Script
application/javascript 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/rwd-display.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54dffee88bf675c0aa8628675dbd4380d737d959604d9f43faca7a965503718

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:47:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277a58-412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0328b3J1BS%2B196nYgU8VuHyBE1hS1J43vEjnEReve%2FlRhxxHBoAQNB2BZAuJNWyq2IDZ3TRGs2ulNirhR6f7CXRN1X1oO3uq5VABIdnXE19PTWo3%2BNqmgzZO2CwDXPKi3axnrTSxrMMLyAuAJVEpz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 87baa4ac0832a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rfa_print.css
ur2g7.gunthies.com/template/Brasil/a3/css/ 1006 B
943 B 350ms
349ms Stylesheet
text/css 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/rfa_print.css
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/?btwaf=34045980
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/?btwaf=34045980
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:37:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65277808-3ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CwrCEbO0Vu3lvWJyEWUyPWu4KwiYkXSbfd8NOBLfWaIC3RyfLCS7I3o0iPKrGqS4NaGdYw9Yu7EjLcdiXHhKIVaCy21YRfhjItCaFYTjrmn0wqze6Y65l66mztJBkDdJ%2FrcgX5R5Yn%2FA2jU0ZRAF6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87baa4e3d9e7a5f9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 utag.js
tags.benarnews.org/rfa-plone/prod/ 93 KB
30 KB 49ms
8ms Script
application/javascript 18.172.112.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Requested by: Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: JOQazSUnbMVbWPLYQoU9RJcSZs5AkUqu
content-encoding: br
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront), 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
date: Sun, 28 Apr 2024 22:54:38 GMT
last-modified: Fri, 08 Mar 2024 16:08:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9, FRA60-P8
age: 121
x-amz-server-side-encryption: AES256
etag: W/"27334865ec501af8b61bd5a048336611"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: wQHbp0EwpMkBZ1LColKRfyms1Z1SYKdVgCJgv_Olwo3RpNEcXjYkMQ==

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 41ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/benar.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1121a68aa344b2860cf8c684dbb61ff0f8e5e8006bca6afcde4af7ae66e8e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Apr 2024 22:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 22:56:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Apr 2024 22:56:10 GMT

POST
H/1.1 200 collect
collect-v6.51.la/v6/ 0
518 B 729ms
290ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://ur2g7.gunthies.com
Date: Sun, 28 Apr 2024 22:56:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 502 search-icon-white.svg
ur2g7.gunthies.com/++theme++benar/ 5 KB
5 KB 321ms
320ms Image
text/html 2606:4700:3037::6815:5fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ur2g7.gunthies.com/++theme++benar/search-icon-white.svg

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/benar.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/template/Brasil/a3/css/benar.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSKCDG%2BnTpQ0J0mOh3yGH2DKAVFyEPCks7lGUAqfsw7AgDkaseWURgLaPyppw6yFpaB4vAxZNxmfHRNPowo9ndi0uQ5hJLA%2B7SPSSt9YKNx5X4cBvuDvdSdPIJ%2BFgrgUT0HzknPWFCPGM1nwdSeRMK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 87baa4e3e9eba5f9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6373
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 28 KB
28 KB 42ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 06:19:09 GMT
x-content-type-options: nosniff
age: 491821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 06:19:09 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 45ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 05:16:44 GMT
x-content-type-options: nosniff
age: 149966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 05:16:44 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/ 20 KB
20 KB 49ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 12:39:32 GMT
x-content-type-options: nosniff
age: 209798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19988
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:52:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 12:39:32 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/ 7 KB
7 KB 46ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 20:55:32 GMT
x-content-type-options: nosniff
age: 180038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 20:55:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/ 30 KB
30 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:08:27 GMT
x-content-type-options: nosniff
age: 168463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30744
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:01:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:08:27 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCIIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/ 11 KB
11 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCIIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ur2g7.gunthies.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 16:40:44 GMT
x-content-type-options: nosniff
age: 540926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11176
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 16:40:44 GMT

GET
H2 200 Primary Request / Show response
www.hk88casino.com/ 8 KB
3 KB 2558ms
2027ms Document
text/html 104.221.132.71
ESITED

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hk88casino.com/

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.221.132.71 , United States, ASN22552 (ESITED, US),

Reverse DNS

Software

nginx /

Resource Hash

81ad11ac439bdcbb8c683f6f0c00ff626fea2175d239284197489bbdab82d904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ur2g7.gunthies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 28 Apr 2024 22:56:13 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2

200

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918

362 B
911 B

37ms
37ms

XHR
application/json

52.212.88.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918

Protocol

Server

52.212.88.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-88-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ur2g7.gunthies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v060-025f1b86c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: acfG3gfaTFA=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://ur2g7.gunthies.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 306
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v060-055b1481a.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: XVMxyi9qT6w=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714344970918
access-control-allow-origin: https://ur2g7.gunthies.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.12.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/ 75 KB
21 KB 429ms
395ms Script
application/javascript 2600:9000:235a:9a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.12.js?utv=ut4.46.202403081607
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Eyi6WrrI91phYnVkKNyeAQnpwsctMbvl
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 28 Apr 2024 22:56:12 GMT
last-modified: Fri, 08 Mar 2024 16:08:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"6f1d5a6fa255760546b71d3129dd689c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vOqWiYWgf8BoqUD2wEn2hQ0IwGmOMXQaiXFXbmVZFGqsyl4UH4aw5w==

GET
H2 200 utag.10.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/ 27 KB
7 KB 424ms
390ms Script
application/javascript 2600:9000:235a:9a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.10.js?utv=ut4.46.202312102359
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vHCmvLhOVhbrlNDJK69BPPSlEYyq_Kbv
content-encoding: br
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
date: Sun, 28 Apr 2024 22:56:12 GMT
last-modified: Fri, 08 Mar 2024 16:08:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"de08c0452df43411d357980eeb2e2851"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hGJ5q5nD8xlfTtT9yjS3Quo6lw1LrUUyfZnoXevEy09Xb3ohfFZPgw==

GET
H2 200 dest5.html
bbg.demdex.net/ Frame E473 0
0 87ms
29ms Document
text/html 52.212.88.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.212.88.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-88-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ur2g7.gunthies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 28 Apr 2024 22:56:11 GMT
dcs: dcs-prod-irl1-1-v060-0ed0d314d.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 11:56:23 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: kaSnGvQ4RII=

GET
H2 200 id
bbg.sc.omtrdc.net/ 2 B
269 B 65ms
23ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=06543373292284928220450372718817467536&ts=1714344971069

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://ur2g7.gunthies.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=Zi7UCwAAAMVs8gNe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06563311276760962050454694656039395915
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7UCwAAAMVs8gNe

42 B
717 B

35ms
35ms

Image
image/gif

52.212.88.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7UCwAAAMVs8gNe

Protocol

Server

52.212.88.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-88-72.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ur2g7.gunthies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v060-07acbf80b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: IOyP6IHVQ18=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7UCwAAAMVs8gNe
Date: Sun, 28 Apr 2024 22:56:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Apr 2024 21:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4083
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Apr 2024 23:48:08 GMT

GET
H2 200 utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 6ms
6ms Script
application/javascript 2600:9000:235a:9a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rfa-plone/202403081607&cb=1714344971370
Requested by: Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:9a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 28 Apr 2024 22:49:44 GMT
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Brih8o8UjFkF1P4MjqbwRaaOGM0g3LBJuEdBrVuP_5ERo61MIdP_7w==

GET
H2 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Apr 2024 23:01:36 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
223 B 14ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1276606282&t=pageview&_s=1&dl=https%3A%2F%2Fur2g7.gunthies.com%2F%3Fbtwaf%3D34045980&ul=de-de&de=UTF-8&dt=nescafe%203in1(Vi%E1%BB%87t%20Nam)%20Trang%20web%20ch%C3%ADnh%20th%E1%BB%A9c%20T%E1%BA%A3i%20v%C3%A0%20c%C3%A0i%20%C4%91%E1%BA%B7t%20%E1%BB%A9ng%20d%E1%BB%A5ng%20iOS%2FAndroid%2FMobile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAiAAjBAAAACAAI~&jid=690616768&gjid=1836246425&cid=886081610.1714344971&tid=UA-136743351-1&_gid=1572276604.1714344971&_slc=1&cd1=https%3A%2F%2Fur2g7.gunthies.com%2F&cd2=ur2g7.gunthies.com&cd3=BenarNews&cd4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&cd5=section&cd6=section&cd7=Home&cd8=062f5af91d2a4b8b801d01bd046c3774&cd9=nglish&cd10=BenarNews&cd11=English&cd12=Benar%20English&cd13=Desktop&cd14=500&cd15=RFA-BN%20English%20Responsive&cd16=prod&cd17=Yes&cd18=english&z=159013506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ur2g7.gunthies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 1 B
348 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136743351-1&cid=886081610.1714344971&jid=690616768&gjid=1836246425&_gid=1572276604.1714344971&_u=KGBAiAAjBAAAAGAAI~&z=1915748204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 28 Apr 2024 22:56:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ur2g7.gunthies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 267 KB
92 KB 52ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 22:56:11 GMT

GET
H2 200 64a839b20f9156001a291819.js
buttons-config.sharethis.com/js/ 601 B
1 KB 433ms
407ms Script
text/javascript 2600:9000:206f:1c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/64a839b20f9156001a291819.js

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:12 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 16 Aug 2023 15:47:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: "370bea9f6125866f5613be2d1df7fc31"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 601
x-amz-cf-id: IS08udHx_P_wM9hN9AjBPU98j1WM_WieHmfn_v3Otal_y0XfZ5ULyg==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
405 B 44ms
8ms XHR
text/plain 18.193.39.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=ur2g7.gunthies.com&location=%2F&product=sop&url=https%3A%2F%2Fur2g7.gunthies.com%2F%3Fbtwaf%3D34045980&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=nescafe%203in1(Vi%E1%BB%87t%20Nam)%20Trang%20web%20ch%C3%ADnh%20th%E1%BB%A9c%20T%E1%BA%A3i%20v%C3%A0%20c%C3%A0i%20%C4%91%E1%BA%B7t%20%E1%BB%A9ng%20d%E1%BB%A5ng%20iOS%2FAndroid%2FMobile&refDomain=ur2g7.gunthies.com&cms=unknown&publisher=64a839b20f9156001a291819&sop=true&version=st_sop.js&lang=en&ua=%22Google%20Chrome%22%3Bv%3D%22124%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22124%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Chromium%22%3Bv%3D%22124.0.6367.78%22%2C%20%22Google%20Chrome%22%3Bv%3D%22124.0.6367.78%22%2C%20%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&ua_platform_version=10.0.0&uuid=a74acd2f-3f8c-4d7a-abb9-9cce01ddb340

Requested by

Host: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/template/Brasil/a3/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.39.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-39-239.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 28 Apr 2024 22:56:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://ur2g7.gunthies.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 39ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-03YYQYPPKQ&gtm=45je44o0v9125773219za200&_p=1714344971426&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=886081610.1714344971&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fur2g7.gunthies.com%2F%3Fbtwaf%3D34045980&dt=nescafe%203in1(Vi%E1%BB%87t%20Nam)%20Trang%20web%20ch%C3%ADnh%20th%E1%BB%A9c%20T%E1%BA%A3i%20v%C3%A0%20c%C3%A0i%20%C4%91%E1%BA%B7t%20%E1%BB%A9ng%20d%E1%BB%A5ng%20iOS%2FAndroid%2FMobile&sid=1714344971&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=https%3A%2F%2Fur2g7.gunthies.com%2F&ep.ua_dimension_2=ur2g7.gunthies.com&ep.ua_dimension_3=BenarNews&ep.ua_dimension_4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&ep.ua_dimension_5=section&ep.ua_dimension_6=section&ep.ua_dimension_7=Home&ep.ua_dimension_8=062f5af91d2a4b8b801d01bd046c3774&ep.ua_dimension_9=nglish&ep.ua_dimension_10=BenarNews&ep.ua_dimension_11=English&ep.ua_dimension_12=Benar%20English&ep.ua_dimension_13=Desktop&ep.ua_dimension_14=500&ep.ua_dimension_15=RFA-BN%20English%20Responsive&ep.ua_dimension_16=prod&ep.ua_dimension_17=Yes&ep.ua_dimension_18=english&tfd=27758
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ur2g7.gunthies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s54241663987633
ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa/1/JS-2.23.0/ 43 B
372 B 92ms
20ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa/1/JS-2.23.0/s54241663987633?AQB=1&ndh=1&pf=1&t=29%2F3%2F2024%200%3A56%3A11%201%20-120&sdid=175167AE02C228F5-754986431BF24058&mid=06543373292284928220450372718817467536&aamlh=6&ce=UTF-8&ns=bbg&cdp=2&pageName=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&g=https%3A%2F%2Fur2g7.gunthies.com%2F%3Fbtwaf%3D34045980&r=https%3A%2F%2Fur2g7.gunthies.com%2F&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=%2F&server=ur2g7.gunthies.com&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fur2g7.gunthies.com%2F&v4=section&v5=home&v6=benarnews&v10=01%2F27%2F2021&v11=15&v13=english&v14=062f5af91d2a4b8b801d01bd046c3774&v15=english&v16=benar%20english&v17=desktop&v20=yes&v21=nglish&v23=06543373292284928220450372718817467536&v24=018f26ec4a9d000205acef3256b10506f002a06700b08&v25=benarnews&v27=RFA-BN%20English%20Responsive&v29=ur2g7.gunthies.com%2F&v30=500&v31=https%3A%2F%2Fur2g7.gunthies.com%2F%3Fbtwaf%3D34045980&v32=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&v38=section&v39=home&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=main_template.pt&v82=view&v100=2024-04-29%3A00.56%3A%2B02.00&v101=europe%2Fberlin&v102=en-us%3Aen%3Ade-de&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ur2g7.gunthies.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2024 22:56:11 GMT
server: jag
etag: 3681527793311416320-4618594061585360320
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27 Apr 2024 22:56:11 GMT

GET
H3 200 lib.css
www.hk88game.com/css/ 18 KB
5 KB 358ms
335ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/css/lib.css
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf97424aa92758d77578a893e1d74ab666cd10e1e070a9707d121e1da5d8dd05

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Jul 2022 13:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62e533d6-4607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lsMOZ1fpw2ZKWD29SR5eBbr%2B%2Fo6e2oCutUA%2BWGKZcPaBfACAtiidZFYyGVSCygM0u22Dhj4acoaGWwciyCpKlQYG340OAh0lsPap%2Fq8Bp9JcH6qsAZ2vBwPIT20vfz8JDRZwcexJVdR8MuW3rni%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 87baa4f43c533659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:56:13 GMT

GET
H3 200 index.css
www.hk88game.com/css/ 3 KB
2 KB 354ms
330ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/css/index.css
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc53efd8066fff8c40ad7ab3496715906f962680d6b1e17c1e941e8fe39824a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 13 Jan 2024 11:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a27812-dd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugqr5cBI7RNwrpo1po7wqQx%2FM0wZJA35pDF8QqCSqwaY1JG5H47GLalqOiamb5XsWmkSw1XNYqvy5atQUbEUWGVh%2BxTcElTJnhLDGQpFieblDJ%2Bh2HkCk7Ys4AvSjwMwAcuD8kOXhacbW8haziiM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 87baa4f43c513659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:56:13 GMT

GET
H3 200 LOGOG.png
www.hk88game.com/img/pc/ 8 KB
8 KB 349ms
326ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/LOGOG.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a9fd9207081d82735cd5f0ef6b5ec9ce6d314d6dae215c4fce3f5ec0e21240

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
cf-cache-status: MISS
last-modified: Sat, 13 Jan 2024 06:26:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a22cfe-1fc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o33%2F9T06QBLWqOCVTR7GMwoLzFxHDINIvzge4V3PzT67Hn902xSpT1oSAEHz0pEXxWcHaZxsIrW7Uqw%2FaV8zlHnBBcTavq2EMBV5Oo7FVf1h4PUoMSwSh%2FQkXxNbRdHSAGOqMqzgadNtxyipjvys"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f43c4f3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 May 2024 22:56:13 GMT

GET
H3 200 headBg.png
www.hk88game.com/img/pc/ 76 KB
77 KB 500ms
477ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/headBg.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e23545e68f1abe12da87be94165b6539271cbb86837ff2636f7f253c2cfc02

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
cf-cache-status: MISS
last-modified: Sat, 13 Jan 2024 06:29:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a22dd1-131f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FNih7EAc4iTuf7eVxkOInWRBMJa%2B%2B4bUIiWAIN6qvSlyNpb%2F9S9o0PPFruAaxGzu0WP4B55jOZSXZK0QydyzTzz89caeKMZLaWnUVvEbAtDbJ71O49md%2FoCWzxn1S%2BhKN8a4JNV2p0uY098m37v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f43c4a3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 May 2024 22:56:13 GMT

GET
H3 200 down.png
www.hk88game.com/img/pc/ 22 KB
22 KB 477ms
476ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/down.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:14 GMT
cf-cache-status: MISS
last-modified: Sat, 13 Jan 2024 06:35:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a22f48-5607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCSfnXvyBgxSIzVWdMCvvv4mK%2BSC%2Ba4zHWFAEAjkwwmWAXOHki8p7jksiMYFzHmamwIW0wK9OjZXrYWHPaHHAuz4qbCKOJIQLqH21ilJaPtkrxxlip2bBoMoNOsIv8qR%2BwL5es4bGFw83E6wrgjC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f64dfd3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 May 2024 22:56:14 GMT

GET
H3 200 mes.png
www.hk88game.com/img/pc/ 1 KB
2 KB 322ms
321ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/mes.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8038562412f16578eb80fdc71477f1ad0dde5675c7d1c207396111603cc4a835

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:14 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 16:21:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dec30c-55b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXpESFTZFwU2hOKlvHiBlmpCdVX0qbXvnVWy5QTlpbfeDmzauOPcQJe2D%2Fu4dmKoPvgGFLyJ4VQn1ScFMilLiJc8iQD7PafFGeF5DWIfHEh9E4R5K3dYUts1lBthWFOauLtxfyACjEY568rL6NlC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f65e053659-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 May 2024 22:56:14 GMT

GET
H3 200 game1.png
www.hk88game.com/img/pc/ 100 KB
100 KB 16ms
14ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/game1.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7ef08360f998dd15d954cfae5bc74e7aafbfaa9fe780172af306a6cb497f4f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Jan 2024 06:43:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 139588
etag: W/"65a2312e-18e0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s26YdTunsPIYx1QmwUfvuJctYtykpZRlrek78rztV6Zc4fVCzCavD3WXnmcwc9n15F1N%2B9o8QryvZiwZPxoVQpxuy6EC5WhEYsO5lmQN1qDMNIV0VgzLjJ0sNvlsUg6Re%2B9Uu%2Ba5woMGgWCIcCcl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f65e063659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 May 2024 08:09:45 GMT

GET game2.png
www.hk88game.com/img/pc/ 0
0

GET
H3 200 game3.png
www.hk88game.com/img/pc/ 120 KB
120 KB 44ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/game3.png
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4063deee521497f70d13783bf45080e02dcbb4b5082aba2c953e3ed83919e83c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Jan 2024 06:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 139587
etag: W/"65a2337e-1df73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEj3AvbpH99KFv5Vs5rWh4UncK67672t%2B2FewAyMdxZ42sWpvabXr07S5Y88y4PmnI9PdttFyOnfxVVyJqEuYwf%2FOSySUnrV1h9FDbr0oVRWKNgeXYj8YtfXUECJficpLq%2Fz%2FdCs6AFyWwryNKUR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 87baa4f65e0f3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 May 2024 08:09:46 GMT

GET game4.png
www.hk88game.com/img/pc/ 0
0

GET game5.png
www.hk88game.com/img/pc/ 0
0

GET game6.png
www.hk88game.com/img/pc/ 0
0

GET resgiter.png
www.hk88game.com/img/pc/ 0
0

GET newPron.png
www.hk88game.com/img/pc/ 0
0

GET bannertitle.png
www.hk88game.com/img//pc/ 0
0

GET banner1.jpg
www.hk88game.com/img/pc/ 0
0

GET
H3 200 banner2.jpg
www.hk88game.com/img/pc/ 183 KB
183 KB 48ms
47ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hk88game.com/img/pc/banner2.jpg
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b48ac686952a8b5593c873b511f1b6baffec3c4c9815e455031f5ae0d1ee8ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Jan 2024 07:06:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 139587
etag: W/"65a23684-2da9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITaia8fUxeVuSxG6FZKdb65lwJcIw8jbWnIdYGkffg1hpWV%2BdixAD3BMDSrqlZ7yfLn%2B%2B%2BM4%2FV3En98LcL80KMsUIxuEdbJgppKmhA%2Fd5tQ06YpntLT2Rrh9XtiYmdi9LqzDy6ovy6xe2l3XhIpW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 87baa4f65e183659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 May 2024 08:09:46 GMT

GET banner3.jpg
www.hk88game.com/img/pc/ 0
0

GET viptitle.png
www.hk88game.com/img/pc/ 0
0

GET vipcont.png
www.hk88game.com/img/pc/ 0
0

GET kefu.png
www.hk88game.com/img/pc/ 0
0

GET
H3 200 jquery.min.js Show response
www.hk88game.com/js/ 91 KB
34 KB 37ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/js/jquery.min.js
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3227c1f0bd7127f9b7fd63630f1868bd5c865be599bf536355d63222b353c197

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 14:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 372
etag: W/"62e539c4-16bb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8UlWhSLjX8PyU61%2F1hRZwncvAm%2FYXgadegBh4FuNLssgQ0mtC5DR3fqf6K2rZ5tfFU4U6bPa6AqiDGPJ2cEf8kJLGopCH1WubEZV%2FL8D0A7yrm4dZqAMfM0RSyrcvgZ1on7cFrPVYudZcTAaDqt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87baa4f65e093659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:50:00 GMT

GET
H3 200 swiper-bundle.min.js Show response
www.hk88game.com/js/ 140 KB
40 KB 39ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/js/swiper-bundle.min.js
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4b8702d44f978f3fa8c826fe8ff3f1582c2ee3f4b533fb64bc758b2dc4a90e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Jul 2022 12:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 372
etag: W/"62dd352e-22edd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JDWHhFWkIPz4zqvYpqp2RMNkSimSwY2B23dCh3MqoYdiU8n%2BLZXkOrJeuVPTzUhxkd%2F0oaOUpvTgkMzZNVG1PjnGE2zGJiNup3Zhc4QikqihzMp1ssnq7Z9%2BM8ViaXaQZHpFxo%2Bz%2FKoHFqJAxXH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87baa4f65e0b3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:50:00 GMT

GET
H3 200 lib.js Show response
www.hk88game.com/js/ 145 KB
42 KB 43ms
41ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/js/lib.js
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce3231c518470f24746fa92a60681c4f157882a11b8126f9980c34cc717c0df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 14:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 372
etag: W/"62e53b78-245c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zK4PZPSkS%2B%2FOPm4JlaIeRmiB5Y0cy28%2FZpwbFHtYLwbjRIcluYIVPMxjWJUqy9FHfO7d2mQOKwPUtEqXQI0oGO8gTcBbvLEnz5DV0PkCosA8cYwBy00OyF5doYjJsV9OpNODNSLW4xwGaQZjBzlY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87baa4f65e0c3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:50:00 GMT

GET
H3 200 index.js Show response
www.hk88game.com/js/ 4 KB
2 KB 44ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hk88game.com/js/index.js
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c287c49a280850d30d22dcf8891a67dd12f2484309f66cd3b0c692a5f06afb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:56:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Jan 2024 08:54:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 372
etag: W/"65ab8a5f-fb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FQEd7Wt7mcrNx625o%2FyfT0Uz7JA%2B0eYVRR%2FgAEqsipSkK6mFxt1KIhz%2FWO0FjVSEE0yccef7762ok6gsnvmvp%2F5XnIEGzHoQ62FQZ0d0VOYn%2FVdBXpmbVZh%2FE5FICrzrOlhaSsws5dmPF49MMHJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 87baa4f65e0d3659-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Apr 2024 10:50:00 GMT

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 35ms
12ms Script
application/javascript 163.181.92.231

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: www.hk88casino.com
URL: https://www.hk88casino.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.231 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.hk88casino.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 05:53:19 GMT
via: cache15.l2de2[899,899,304-0,H], cache1.l2de2[902,0], ens-cache5.de5[0,0,200-0,H], ens-cache5.de5[1,0]
content-encoding: gzip
x-oss-request-id: 661F63CF68CDBA3836F78025
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 1011774
x-swift-cachetime: 1296000
x-cache: HIT TCP_MEM_HIT dirn:10:639477166
x-oss-cdn-auth: success
x-swift-savetime: Wed, 17 Apr 2024 05:53:19 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1713333199
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b55c9917143449738392139e
x-oss-server-time: 3

GET bg.jpg
www.hk88game.com/img/pc/ 0
0

POST collect
collect-v6.51.la/v6/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/uploads/images/FRkJVRuij6OhMlOOZD

Domain: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/uploads/images/IfB1VRuij6OhMlOAnGR

Domain: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/uploads/images/Gzwuh69hMlQRxpnj4ohqozpk

Domain: ur2g7.gunthies.com
URL: https://ur2g7.gunthies.com/uploads/images/FUI54ohOovO0nT-uhdScZD

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/game2.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/game4.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/game5.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/game6.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/resgiter.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/newPron.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img//pc/bannertitle.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/banner1.jpg

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/banner3.jpg

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/viptitle.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/vipcont.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/kefu.png

Domain: www.hk88game.com
URL: https://www.hk88game.com/img/pc/bg.jpg

Domain: collect-v6.51.la
URL: https://collect-v6.51.la/v6/collect?dt=4

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setRem number| baseSize

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ur2g7.gunthies.com/	1969-12-31 23:59:59	Name: e2b72bb08b71c45a48a32a63e2d34b7f Value: 7ff5cd47096d134420bfdba5fccb6ea7
ur2g7.gunthies.com/	1969-12-31 23:59:59	Name: __vtins__3HxKKpJCWQpulFxW Value: %7B%22sid%22%3A%20%22b3c4ec74-109f-50e3-9537-a76c05c47850%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714346770857%2C%20%22ct%22%3A%201714344970857%7D
ur2g7.gunthies.com/	1970-01-21 05:48:24	Name: __51uvsct__3HxKKpJCWQpulFxW Value: 1
ur2g7.gunthies.com/	1970-01-21 05:48:24	Name: __51vcke__3HxKKpJCWQpulFxW Value: 63114dc7-63d5-5665-909c-34b14eaa024c
ur2g7.gunthies.com/	1970-01-21 05:48:24	Name: __51vuft__3HxKKpJCWQpulFxW Value: 1714344970859
.gunthies.com/	1970-01-21 04:58:00	Name: utag_main Value: v_id:018f26ec4a9d000205acef3256b10506f002a06700b08$_sn:1$_se:1$_ss:1$_st:1714346770910$ses_id:1714344970910%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:gunthies.com
.demdex.net/	1970-01-21 00:31:36	Name: demdex Value: 06563311276760962050454694656039395915
.gunthies.com/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 04:58:00	Name: everest_g_v2 Value: g_surferid~Zi7UCwAAAMVs8gNe
.dpm.demdex.net/	1970-01-21 00:31:36	Name: dpm Value: 06563311276760962050454694656039395915
.gunthies.com/	1970-01-21 05:48:24	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19842%7CMCMID%7C06543373292284928220450372718817467536%7CMCAAMLH-1714949771%7C6%7CMCAAMB-1714949771%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714352171s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19849%7CvVersion%7C5.4.0
.gunthies.com/	1970-01-21 05:48:24	Name: _ga Value: GA1.2.886081610.1714344971
.gunthies.com/	1970-01-20 20:13:51	Name: _gid Value: GA1.2.1572276604.1714344971
.gunthies.com/	1970-01-20 20:12:25	Name: _gat_tealium_0 Value: 1
.gunthies.com/	1970-01-21 05:48:24	Name: _ga_03YYQYPPKQ Value: GS1.2.1714344971.1.0.1714344971.0.0.0
.gunthies.com/	1969-12-31 23:59:59	Name: s_cc Value: true

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ur2g7.gunthies.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ur2g7.gunthies.com/template/Brasil/a3/css/jquery.sidr.dark.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ur2g7.gunthies.com/uploads/images/FRkJVSHlZlOIrzVk Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/D2ulnKZtH3I0qT8k Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/Gzwuh69hMlO0nBT7xJ5aZD Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/HKKuhdZtpTIhLJk0rGR Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/ITucLzS1qPOQo3Hk Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/GJywnTSyoPOCq2Hk Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/IUW1rrT7tJ4tqTwQgT4k Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/ITIhVRuuMmbtIfB0ZD Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/FRkJVR1cn2IfVRRk Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/++theme++benar/search-icon-white.svg Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/IGVmVSMc4ohUqPOBLGR Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/D2uyoUAyLFQRxJShZD Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/DhT6bJ4tM8BunFO0nrT7tGR Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/FRkJVRIlnJftqTHk Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ur2g7.gunthies.com/uploads/images/j5EhMlOGnTyhVSEuZD Message: Failed to load resource: the server responded with a status of 502 ()
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ur2g7.gunthies.com/?btwaf=34045980 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
buttons-config.sharethis.com
cm.everesttech.net
collect-v6.51.la
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
region1.google-analytics.com
sdk.51.la
ssc.benarnews.org
stats.g.doubleclick.net
tags.benarnews.org
tags.tiqcdn.com
ur2g7.gunthies.com
www.google-analytics.com
www.googletagmanager.com
www.hk88casino.com
www.hk88game.com
collect-v6.51.la
ur2g7.gunthies.com
www.hk88game.com
104.221.132.71
163.181.92.231
163.181.92.232
18.172.112.42
18.193.39.239
2001:4860:4802:34::36
203.107.86.226
2600:9000:206f:1c00:c:abe:f440:93a1
2600:9000:235a:9a00:7:2bfb:7c00:93a1
2606:4700:3037::6815:5fcb
2a00:1450:4001:803::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a06:98c1:3121::3
52.16.30.197
52.212.88.72
63.140.62.17
63.140.62.27
08a346e9e53d6b54b5075053c3728817e6eff5a781c95c3ea7d64512a9d50400
0ce3231c518470f24746fa92a60681c4f157882a11b8126f9980c34cc717c0df
0ce5a9c1701c608219cee0ceb496e1311242be718d84819ab243ad85138ea581
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26c287c49a280850d30d22dcf8891a67dd12f2484309f66cd3b0c692a5f06afb
28e23545e68f1abe12da87be94165b6539271cbb86837ff2636f7f253c2cfc02
2b6b897ffcf23cc5ad4fd6f6a2b3e0075cc0fe8c3ddf1d228e6d4166698003dc
2c0c65e68f43ee3a26128e8c516a9de1bdcaa463ae97d6e3ec6f9ca7646b9aee
2cb8e7e84820ea31dd4864d4498faad211103b7042b9b6cb35281a8527cebc8a
3227c1f0bd7127f9b7fd63630f1868bd5c865be599bf536355d63222b353c197
4063deee521497f70d13783bf45080e02dcbb4b5082aba2c953e3ed83919e83c
4b48ac686952a8b5593c873b511f1b6baffec3c4c9815e455031f5ae0d1ee8ce
4c7ef08360f998dd15d954cfae5bc74e7aafbfaa9fe780172af306a6cb497f4f
5e4b8702d44f978f3fa8c826fe8ff3f1582c2ee3f4b533fb64bc758b2dc4a90e
6d5325062a4bcbc105515fc1f50831ad509422aaa9aebd0fc63154e3f1177999
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96
8038562412f16578eb80fdc71477f1ad0dde5675c7d1c207396111603cc4a835
81ad11ac439bdcbb8c683f6f0c00ff626fea2175d239284197489bbdab82d904
89a4a5eb4f7fedc4d946dd6fa5c1ee9be4bc396b592490385a605ecbb22ef141
8af1b42afb95212800e87123d521a7154072e6d4e2ccaced3974d325b04d46e8
992265ef5439b4925f0b0deeafb9061066e91515da7958f59bc399fc8e2f9b7a
9c52364aa5bb36383e699d5bab6646c1a6e2ff7f000bd99ff4f13184b6714a7e
a1121a68aa344b2860cf8c684dbb61ff0f8e5e8006bca6afcde4af7ae66e8e74
ab0b63987969ba7b2b8415f4c72ad9d8911ef888682a82971e1b6c3749f82e06
bfd11f3d2f5af43d38cc7d2d61e0629909f1f1638cf5fef4a84fd4413465e644
c54dffee88bf675c0aa8628675dbd4380d737d959604d9f43faca7a965503718
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cf97424aa92758d77578a893e1d74ab666cd10e1e070a9707d121e1da5d8dd05
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d4301ded2563a0304c0daa4858238efc1c4174095c6bf2a244168e7381c2a3b0
d6a5e1645a903494ee67716aa35ff8e2e00ba2adc530cdfca0b34dd5ce517e2d
daf4c69e49acbeea24c42417dd9c4d6fa1d837d79470f02f3ec4f908ea676dec
df083a053146d36f99daea6b5d3348ef38e9955487c5f223f09daf613b38d771
df8729ca85a298b83df80d745512a143f2460abe7848da74126b25e09d40f2d1
e2a9fd9207081d82735cd5f0ef6b5ec9ce6d314d6dae215c4fce3f5ec0e21240
ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab
f0123e3039dbf234d506b0774986ef08e75fcac3fe7c965e5bd8640a14f02290
fa2fb3b23e9ecf9cbccbcf3eae8ace5ac9b339fc66c0347eb9a5f10111480ad3
fc53efd8066fff8c40ad7ab3496715906f962680d6b1e17c1e941e8fe39824a7

www.hk88casino.com Open in urlscan Pro 104.221.132.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

81 %HTTPS

50 %IPv6

15 Domains

20 Subdomains

20 IPs

5 Countries

1443 kBTransfer

3001 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hk88casino.com Open in urlscan Pro
104.221.132.71 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

81 %
HTTPS

50 %
IPv6

15
Domains

20
Subdomains

20
IPs

5
Countries

1443 kB
Transfer

3001 kB
Size

16
Cookies

104 HTTP transactions
0 data transactions