139.180.145.70 Open in urlscan Pro
139.180.145.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://139.180.145.70:4545/
Submission: On February 11 via manual (February 11th 2024, 12:43:39 pm UTC) from ID — Scanned from SG

Summary HTTP 32 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 32 HTTP transactions. The main IP is 139.180.145.70, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is 139.180.145.70.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 13th 2024. Valid for: 3 months.

This is the only time 139.180.145.70 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	139.180.145.70 139.180.145.70	20473 (AS-CHOOPA) (AS-CHOOPA)
9	74.125.200.132 74.125.200.132	15169 (GOOGLE) (GOOGLE)
1	66.42.50.180 66.42.50.180	20473 (AS-CHOOPA) (AS-CHOOPA)
16	104.27.202.89 104.27.202.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	5

6 139.180.145.70 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 139.180.145.70.vultrusercontent.com

139.180.145.70	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.42.50.180 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 66.42.50.180.vultrusercontent.com

dikocok.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.27.202.89 (None, )

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 491588	687 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	140 KB
1	dikocok.in dikocok.in	266 KB
32	3

	Domain	Requested by
16	nx-cdn.trgwl.com	139.180.145.70
9	cdn.ampproject.org	139.180.145.70 cdn.ampproject.org
1	dikocok.in	139.180.145.70
32	3

This site contains links to these domains. Also see Links.

Domain
16.78.16.79
linkmu.cyou

Subject Issuer	Validity	Valid
139.180.145.70 ZeroSSL RSA Domain Secure Site CA	`2024-01-13` - `2024-04-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
dikocok.in R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
trgwl.com GTS CA 1P5	`2023-12-16` - `2024-03-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://139.180.145.70:4545/
Frame ID: 3D8BC308957EC3BF29F5B21C23FB66F1
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NAGATOP - Link ALternatif Login Masuk Situs Resmi Nagatop

Detected technologies

Lightbox (JavaScript Libraries) Expand

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

5
IPs

3
Countries

3500 kB
Transfer

3914 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://16.78.16.79:4545/

Search URL Search Domain Scan URL

URL: https://linkmu.cyou/newnaga

Search URL Search Domain Scan URL

URL: https://16.78.16.79:4545/promotion
Title: Promosi

Search URL Search Domain Scan URL

URL: https://linkmu.cyou/inc-livechat
Title: Live Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
139.180.145.70/ 27 KB
6 KB 729ms
86ms Document
text/html 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash: 8a769d4e6107ed7f996493c4750680b175cfc6334292048020ce3b33da41932f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5685
content-type: text/html
date: Sun, 11 Feb 2024 12:43:32 GMT
etag: "6c55-6111a81135a9b-gzip"
last-modified: Sun, 11 Feb 2024 12:43:12 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 495ms
64ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

bd916a062712b0a3296a71e29b15d6c1a82aaaece4d130dbc3b6a23c43ae9d8b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73112
x-xss-protection: 0
server: sffe
etag: "881a9750979619b5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 511ms
80ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

10ee8bf707945a6c304324cb7f9bba75f3049d41b0e22aec7ebec7ca19001d96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11513
x-xss-protection: 0
server: sffe
etag: "9d5f3c5a19738ea2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 497ms
88ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

4bffea2231acd3201125154f0420c29749a018c76beca5e6b1690db1792aa199

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9653
x-xss-protection: 0
server: sffe
etag: "b906a69fbe9260ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 amp-anim-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 489ms
81ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-anim-0.1.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

6178d64cb815653f95700fbf92db00546d1aef132d1351f9b32466adb8cbae6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2467
x-xss-protection: 0
server: sffe
etag: "6e14f233bfdb1d4c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 490ms
82ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

788ac98148a17cc85eceea073ff8f80f6178bf569e7b21c9c7ea651c01c87ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8918
x-xss-protection: 0
server: sffe
etag: "0935b444024c8a74"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 amp-lightbox-0.1.js Show response
cdn.ampproject.org/v0/ 26 KB
8 KB 494ms
87ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-0.1.js

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

81437ebbf2f5e0c3f6881d53d10bf6e3e3fe6020e860091556943c851733d74a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 12:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8548
x-xss-protection: 0
server: sffe
etag: "8bde388ae0c7af92"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Feb 2024 12:43:32 GMT

GET
H2 200 89
139.180.145.70/api/v1/file-entries/ 979 KB
977 KB 638ms
536ms Image
image/png 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://139.180.145.70:3939/api/v1/file-entries/89?shareable_link=11&password=null&thumbnail=
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash: a7ae534d1a8d0cb0d433b8fc3c4879e45cf14f831269e42da983ee409bf994d4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
content-encoding: gzip
server: Apache
x-ratelimit-remaining: 999
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 1000
content-disposition: inline; filename=id_cbd_cfddbd89-edba-4029-8fa7-1203ac02c48f_1698822372837.png

GET
H2 200 251
dikocok.in/api/v1/file-entries/ 298 KB
266 KB 354ms
221ms Image
image/gif 66.42.50.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dikocok.in/api/v1/file-entries/251?shareable_link=162&password=null&thumbnail=
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.42.50.180 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 66.42.50.180.vultrusercontent.com
Software: Apache /
Resource Hash: 196ff6ab700834eb21610abdfdbd6221e7a605cd0b5c9f378046601e7243117f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:32 GMT
content-encoding: gzip
server: Apache
x-ratelimit-remaining: 999
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 1000
content-disposition: inline; filename=naga-top.gif

GET
H2 200 download-apk-background.png
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/ 184 KB
185 KB 689ms
194ms Image
image/png 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/download-apk-background.png?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12d63e93e3898f733b5be84cdeada9580b2a568b2209c7d968be68c18aea742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 188842
x-xss-protection: 1; mode=block
last-modified: Fri, 07 May 2021 04:58:20 GMT
server: cloudflare
etag: "03e7d99fd42d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m67Yh9%2B05n%2Bc3MggH3I%2B112glOXurCMN3Whu9eLQzLtYwPwd6SlZYIrfBZCNjk3ZWP3d0S7suvfWBjEfQh%2B7qHZL8IgfXclsQ8qjDcswO8SsG9WHHzQFuiAPQDxlOmRr7Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853cad9b79563e37-SIN

GET
H2 404 digital_sans_ef_medium.woff2
139.180.145.70/fonts/ 0
0 55ms
54ms Font
text/html 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://139.180.145.70:4545/fonts/digital_sans_ef_medium.woff2
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://139.180.145.70:4545/
Origin: https://139.180.145.70:4545
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:32 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2024 12:43:12 GMT
server: Apache
etag: "6c55-6111a81135a9b-gzip"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 5685

GET
H2 404 digital_sans_ef_medium.woff
139.180.145.70/fonts/ 0
0 50ms
49ms Font
text/html 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://139.180.145.70:4545/fonts/digital_sans_ef_medium.woff
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://139.180.145.70:4545/
Origin: https://139.180.145.70:4545
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:32 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2024 12:43:12 GMT
server: Apache
etag: "6c55-6111a81135a9b-gzip"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 5685

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 hot-games.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 2 KB
2 KB 231ms
223ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/hot-games.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30173eadbde634e4efcce8f266e728637c0ac712f448696e2bc5dd07cc992b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl%2BB5K7e5udsUtVdaLi6p1%2Fe3fuqjMTg6fp0SpJvxKySYFukos9924VxF0wZbRJ1Ym81U8SSRk8nywPgKzKPFklaWH21albIK8IvD8d5FIBqHJhdN0XLwpAGN9T7DTr7hp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b63e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 slots.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 4 KB
2 KB 236ms
232ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/slots.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b14e50c3cd2de798401c5c8048d93dda0334ea36a03cd5ed2cf8af9e935889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz4hM7Av3V5e0R3Z%2FD7ybWlqKAI46PGVTjCHwhxmS45nYoeTpQWVvoZdlN8%2FCMjlgXPQJIOKrSEUoTHDiJHgUcceCUKvdbv9ncGpIkusMayyzIl2IaLcuY59xBkaP8W8YMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9ac3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 casino.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 5 KB
3 KB 233ms
229ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/casino.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1602454599a1edd8febc2c838afc601293f5d4968c234bfdff37ab201bb852d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT2mhzYj6c3aWdUB0xvzfDxP71DnkcXB7uB3L%2FujrDwalnhSlWUy%2Bwusads%2Ftw3A%2FVOvSnUjbs58B7E%2FeDRvfQ41IjVwGZqItTIWU0O5dQ1FGdlsQzIXFw5gwjsLCcfrxjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9c23e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 sports.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 3 KB
2 KB 228ms
224ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/sports.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4ffbbdf32e71acd2c5aad49e034e5b3f41e6382a7b0b593e99ace272b30103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF8kNjtcNpfImdU7kq0GYxDzhF9vSnD5ktVC4R7n6i5qVyXxOB8jJiClVm5ArBhlaHi%2FtyoVgkg7GYrGqdfCX%2BT48lRXwatmHQXApbbx4f4a%2FOpfkqEb4dbVmJrinL8D9Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b33e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 arcade.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 1 KB
1 KB 235ms
231ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/arcade.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4774f6a2e81f3fcb24fcca8e7157469988f6ca136af838ba824077ae20b257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN6bUohh5%2FH%2BpIo71BijKN4%2F8Yk8ewrID%2BHKJ38Rbr8e3dSP8DcsRdN0p4rS8uaOdYgL9ZRvA3JUZ5SygtWQKunq5davidbXAzOe%2BEadV2MvS9vdW48GPv9CmhLG56suOuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9bf3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 poker.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 3 KB
2 KB 230ms
227ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/poker.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26d915940c6e2da81e95f7f7ed1ddfe0de7fbd6cc8c49896fdca6212add03204

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqUQSA2GSbomBDwfkMWpTi7aKJRscUH9xPglqZM4qmiKK%2BFuxcfPTef3SQLAmc%2BNyBoeweLZBrOQrS9go40VcyoH3c%2FKvkaPaAP7z%2BC47ZTxaITkasNOKrUpHNQfrstYZkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9ba3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 others.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 1 KB
1 KB 228ms
225ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/others.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a59867b22a1fb1ee9b2e59487bdbab3fe853ca2ae4f3cd5cbd03491f56cd81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0c6755975c7d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=641%2B2caT5PHTbyS4EJk95aiRhgARfKEtk%2BgwjPf0OsfOWW2vew4IsNWmbqwM%2FInGRJPP19dHzXIM0mEbcgw6OtWO5mO2ZfQEz4SkYDl0A4i6k84CZoI6avBPGW6IH5gP3Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9bc3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 live-tv.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/ 2 KB
2 KB 233ms
230ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/menu/live-tv.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

842386e9166829483464ff8f82776bb0f17536ffac2fa871fa229d595bc4ab38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 25 Nov 2020 21:04:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0f5d0896ec3d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pjez8zohFLYJ3Ie%2BYGZR4asnnwrjrZO7UR838hoQgO149tnOccUz3Bs%2BpxZ5lmBHoWz8F9wIjpl4lKNj%2BHdUy%2BF4gTDpDuNbz1qJfYk1WIWW%2BKF4gvFwa88XRm3blbOLXkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b03e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 download-apk-phone.png
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/ 464 KB
465 KB 229ms
226ms Image
image/png 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/download-apk-phone.png?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384a800caa370ae090179a9ce6acd778e1f4492a955729cd369dfb5bd7864016

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 475422
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 23:29:04 GMT
server: cloudflare
etag: "0208a6c744bd71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crjI4NHVECrOe4rcM8nU57SPql4FN0fT1UQz5Vy8nE3KZM8xHnApOz8yFMQhZ0iTH57aVjobQHnmvO9egSFl1zQLDnCxs%2B%2BTMal12fPYNNma8jYwrU5PfqNiZIW%2B%2FgQGvJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853cad9be9b13e37-SIN

GET
H2 200 android-logo.png
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/ 12 KB
13 KB 284ms
282ms Image
image/png 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/home/android-logo.png?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78b03444c9b9c107014a6e43864e3e1a481407bd8b27f48b54bfdfe1256806da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 12648
x-xss-protection: 1; mode=block
last-modified: Sun, 16 May 2021 19:36:06 GMT
server: cloudflare
etag: "0d796b68a4ad71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir2iS0ffOYB5BAtEb784fbb8RH%2BS5eRWd0Z9eEgGykqhjo0dcoiAU24ClSu8R6TIViXH4P5BVehAGwF1oTk7jC%2FceLlle1juy1uCcrKANFlNupdxRYLkkZnoSYF2L6LzsA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853cad9be9b93e37-SIN

GET
H2 200 home-active.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/ 2 KB
1 KB 224ms
222ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/home-active.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc68b09ac3cfe87244416a8c53ffa3a32241502b0d408399d4022aa3dac878b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 25 Nov 2020 23:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"04f8a3285c3d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wDoQVF8yH5X65w3AHI4mLEGi%2BCN2sMvmO3p0CcCzJq0Pg66aQl6NgSXTJ9jC3qOdSyLRyDNM0ox9pH6CXP4AqehOlWw%2B83bpahFBenZh6%2BES%2FfPBnKclhzOl2TGvDODCys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9af3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 mobile-app.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/ 1006 B
1 KB 228ms
226ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/mobile-app.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51ea1f5515ccc373b20e0add7a8e13337494109d8751751c226bb797855cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Mon, 21 Jun 2021 11:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0f4162b8f66d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4VpEcXdTk0voiBSrkF%2F2HIKoAbgrwVT4b7E0cAZpZz5V8%2BDwsMOrpL1gClWyuX0cLBMJYN7wxj7Z1C%2B2%2F8eaYQYTT4e3GRByW9O5gomD2AXtkauItPOAzKFH5PozL00MQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b73e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 login.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/ 3 KB
2 KB 230ms
228ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/login.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15b7d09b21a45e2ee163d465ef0d4d66e890810394a938fd0a41fdb1cffa73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Mon, 21 Jun 2021 11:10:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"0103888e66d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOHhZer1CxOE4OACK13npnhwx81b5FcE9mgxuSUB1QUewTUj62tymPPZ4UuAhCMUl3vIh0w%2Bvsb2kA2U8zGotbCPMOY3HOoLR4Rkiih9AawZ2L2gXpzJ5Lcbij4Epcp4pwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9bd3e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 promotion.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/ 3 KB
2 KB 283ms
281ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/promotion.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23933c6341149c2b4ee02ec30b8609213a4d4ff5348fb3c32a6d145541decaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 25 Nov 2020 23:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"04f8a3285c3d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FimWcvotSAktZ0c1ylFItRrIGfdgqPJl%2FixSTCPpy6xWxZe2apA1tkmgPVTwQM6J41C046dkA65SNwx9oe1DbVj8Xu3jPa3io6WCgiUd9NPr3TLmyJdECk4lhxCtTmWbF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b53e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/ 3 KB
2 KB 230ms
229ms Image
image/svg+xml 104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/dark-gold/mobile/layout/footer/live-chat.svg?v=20221001-1

Requested by

Host: 139.180.145.70
URL: https://139.180.145.70:4545/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33e35c58c19009ef7d4443224415a7cd6ead4e4bbf539e8c7ac6175d2ba4908c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Wed, 25 Nov 2020 23:46:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"04f8a3285c3d61:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjkWp0QmbcFFFPEuzQLTwOu6BSAwscL15a9iostsshUQgsj4OOqPvaxOgVz27GJfjic%2BFeM0%2BZbt5zWi3lRSgTXZOJzgvKF5lixddJdF8%2FaIcyZK8X0DsdCZnwOvMfrQLqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 853cad9be9b83e37-SIN
x-xss-protection: 1; mode=block

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012401262004000/v0/ 8 KB
4 KB 534ms
64ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401262004000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

a31c9caec829c74e24266c93d6703498aac2601295528239a68abafd6b1b3a01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://139.180.145.70:4545/
Origin: https://139.180.145.70:4545
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 16:53:03 GMT
age: 157830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
server: sffe
etag: "6a9a1d0871bf36c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 16:53:03 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012401262004000/v0/ 12 KB
4 KB 523ms
66ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401262004000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

6f0846c37e8771f9fcb788ee8bbf846d090fe165967b7d02f54491d957c18792

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://139.180.145.70:4545/
Origin: https://139.180.145.70:4545
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 04:53:35 GMT
age: 200998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3926
x-xss-protection: 0
server: sffe
etag: "24a14f6558dda384"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 04:53:35 GMT

GET
H2 200 86
139.180.145.70/api/v1/file-entries/ 328 KB
328 KB 946ms
946ms Image
image/png 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://139.180.145.70:3939/api/v1/file-entries/86?shareable_link=37&password=null&thumbnail=
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash: 733bd0b1e8439875b816ef1b539a2fb75131a397c585db3f2e0a7f0d507e5a9f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:34 GMT
content-encoding: gzip
server: Apache
x-ratelimit-remaining: 997
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 1000
content-disposition: inline; filename=id_cbd_7b71713a-e0c5-47b4-b7b9-35972480bae8_1698822716637.png

GET
H2 200 87
139.180.145.70/api/v1/file-entries/ 1 MB
1 MB 836ms
836ms Image
image/png 139.180.145.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://139.180.145.70:3939/api/v1/file-entries/87?shareable_link=36&password=null&thumbnail=
Requested by: Host: 139.180.145.70
URL: https://139.180.145.70:4545/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.180.145.70 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 139.180.145.70.vultrusercontent.com
Software: Apache /
Resource Hash: 51a3c020afbb905a49a63cb84373350ee64b875b8525b93f34db7053228488ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://139.180.145.70:4545/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:43:33 GMT
content-encoding: gzip
server: Apache
x-ratelimit-remaining: 997
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 1000
content-disposition: inline; filename=id_cbd_124519fe-bfb3-4510-b03c-39cec13d1111_1698822483117.png

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012401262004000/v0/ 65 KB
19 KB 71ms
71ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401262004000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f132.1e100.net

Software

sffe /

Resource Hash

832b64207b233fa5db1fff450c78aeaf5152e839cc2200bfe837bf636806b947

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://139.180.145.70:4545/
Origin: https://139.180.145.70:4545
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 15:09:16 GMT
age: 164057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19084
x-xss-protection: 0
server: sffe
etag: "4874647564973ee5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 15:09:16 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://139.180.145.70:4545/fonts/digital_sans_ef_medium.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://139.180.145.70:4545/fonts/digital_sans_ef_medium.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
dikocok.in
nx-cdn.trgwl.com
104.27.202.89
139.180.145.70
66.42.50.180
74.125.200.132
0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5
10ee8bf707945a6c304324cb7f9bba75f3049d41b0e22aec7ebec7ca19001d96
1602454599a1edd8febc2c838afc601293f5d4968c234bfdff37ab201bb852d9
196ff6ab700834eb21610abdfdbd6221e7a605cd0b5c9f378046601e7243117f
1f4ffbbdf32e71acd2c5aad49e034e5b3f41e6382a7b0b593e99ace272b30103
23933c6341149c2b4ee02ec30b8609213a4d4ff5348fb3c32a6d145541decaa1
26d915940c6e2da81e95f7f7ed1ddfe0de7fbd6cc8c49896fdca6212add03204
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
33e35c58c19009ef7d4443224415a7cd6ead4e4bbf539e8c7ac6175d2ba4908c
384a800caa370ae090179a9ce6acd778e1f4492a955729cd369dfb5bd7864016
4a59867b22a1fb1ee9b2e59487bdbab3fe853ca2ae4f3cd5cbd03491f56cd81c
4bffea2231acd3201125154f0420c29749a018c76beca5e6b1690db1792aa199
51a3c020afbb905a49a63cb84373350ee64b875b8525b93f34db7053228488ee
597a4d8f07e81fa602193405e26c037c9dd4e605ab8f36e371ae0855362e28f2
5cc68b09ac3cfe87244416a8c53ffa3a32241502b0d408399d4022aa3dac878b
6178d64cb815653f95700fbf92db00546d1aef132d1351f9b32466adb8cbae6c
6f0846c37e8771f9fcb788ee8bbf846d090fe165967b7d02f54491d957c18792
733bd0b1e8439875b816ef1b539a2fb75131a397c585db3f2e0a7f0d507e5a9f
788ac98148a17cc85eceea073ff8f80f6178bf569e7b21c9c7ea651c01c87ec8
78b03444c9b9c107014a6e43864e3e1a481407bd8b27f48b54bfdfe1256806da
81437ebbf2f5e0c3f6881d53d10bf6e3e3fe6020e860091556943c851733d74a
832b64207b233fa5db1fff450c78aeaf5152e839cc2200bfe837bf636806b947
842386e9166829483464ff8f82776bb0f17536ffac2fa871fa229d595bc4ab38
8a769d4e6107ed7f996493c4750680b175cfc6334292048020ce3b33da41932f
a31c9caec829c74e24266c93d6703498aac2601295528239a68abafd6b1b3a01
a51ea1f5515ccc373b20e0add7a8e13337494109d8751751c226bb797855cf37
a7ae534d1a8d0cb0d433b8fc3c4879e45cf14f831269e42da983ee409bf994d4
bd916a062712b0a3296a71e29b15d6c1a82aaaece4d130dbc3b6a23c43ae9d8b
be4774f6a2e81f3fcb24fcca8e7157469988f6ca136af838ba824077ae20b257
c12d63e93e3898f733b5be84cdeada9580b2a568b2209c7d968be68c18aea742
d15b7d09b21a45e2ee163d465ef0d4d66e890810394a938fd0a41fdb1cffa73f
e30173eadbde634e4efcce8f266e728637c0ac712f448696e2bc5dd07cc992b0
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f7b14e50c3cd2de798401c5c8048d93dda0334ea36a03cd5ed2cf8af9e935889
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

139.180.145.70 Open in urlscan Pro 139.180.145.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

5 IPs

3 Countries

3500 kBTransfer

3914 kBSize

0 Cookies

4 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

139.180.145.70 Open in urlscan Pro
139.180.145.70 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

5
IPs

3
Countries

3500 kB
Transfer

3914 kB
Size

0
Cookies

32 HTTP transactions
5 data transactions