Submitted URL: http://ubi138f.xyz/m/event.php
Effective URL: https://ubi138f.xyz/m/event.php
Submission: On October 24 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3031::ac43:c86a, located in United States and belongs to CLOUDFLARENET, US. The main domain is ubi138f.xyz.
TLS certificate: Issued by E5 on August 29th 2024. Valid for: 3 months.
This is the only time ubi138f.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                   Requested by
18        img.viva88athenae.com    ubi138f.xyz
10        ubi138f.xyz              ubi138f.xyz
6         www.facebook.com         ubi138f.xyz
4         connect.facebook.net     ubi138f.xyz, connect.facebook.net
3         fonts.gstatic.com        fonts.googleapis.com
2         fastspinpromotion.com    ubi138f.xyz
1         spade-event.com          ubi138f.xyz
1         history.jlfafafa3.com    ubi138f.xyz
1         l22campaign.com          ubi138f.xyz
1         www.playstarevent.com    ubi138f.xyz
1         tipspragmaticplay.com    ubi138f.xyz
1         public.pgsoft-games.com  ubi138f.xyz
1         fonts.googleapis.com     ubi138f.xyz
1         code.jquery.com          ubi138f.xyz
Total: 51 requests, 14 domains

This site contains links to these domains.

Domain
rebrand.ly
tawk.to

Subject                  Issuer                                          Validity                 Valid
ubi138f.xyz              E5                                              2024-08-29 - 2024-11-27  3 months
*.jquery.com             Sectigo ECC Domain Validation Secure Server CA  2024-06-25 - 2025-06-25  a year
img.viva88athenae.com    E6                                              2024-10-22 - 2025-01-20  3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA          2024-08-02 - 2024-10-31  3 months
upload.video.google.com  WR2                                             2024-10-07 - 2024-12-30  3 months
pgsoft-games.com         ZeroSSL RSA Domain Secure Site CA               2024-09-18 - 2024-12-17  3 months
dailydropsandwin.com     R11                                             2024-09-06 - 2024-12-05  3 months
fastspinpromotion.com    WE1                                             2024-09-16 - 2024-12-15  3 months
*.playstarevent.com      E5                                              2024-08-13 - 2024-11-11  3 months
l22campaign.com          WE1                                             2024-10-08 - 2025-01-06  3 months
*.jlfafafa3.com          Sectigo RSA Domain Validation Secure Server CA  2024-07-20 - 2025-08-15  a year
spade-event.com          WE1                                             2024-10-09 - 2025-01-07  3 months
*.gstatic.com            WR2                                             2024-10-07 - 2024-12-30  3 months

This page contains 9 frames:

Primary Page: https://ubi138f.xyz/m/event.php
Frame ID: B33062452E81F19E743BC92EB3062730
Requests: 43 HTTP requests in this frame

Frame: https://public.pgsoft-games.com/events/oct/pay4d/
Frame ID: 0E26417B524925165AB081850F460315
Requests: 1 HTTP requests in this frame

Frame: https://tipspragmaticplay.com/id/promotion/daily-wins-mega-gacor/
Frame ID: 0A79976E28D557DB12E420EE1CC8549F
Requests: 1 HTTP requests in this frame

Frame: https://fastspinpromotion.com/PAY4D_Lucky_Wheel_Exclusive/?lang=id-ID
Frame ID: 6234CCCA71A8FFD63CB3F03464041016
Requests: 1 HTTP requests in this frame

Frame: https://www.playstarevent.com/halloween/?lang=idn&currency=IDR
Frame ID: 73D8ABA9EF138AEF1D73CE7C10F4D7DB
Requests: 1 HTTP requests in this frame

Frame: https://l22campaign.com/cash-race-october/?lang=id
Frame ID: BF5F495DFF310FF868D3336B1BB05336
Requests: 1 HTTP requests in this frame

Frame: https://history.jlfafafa3.com/id-ID/event/20241008_Dragon_ID
Frame ID: 8137C5D22F76119211AD22F6AABD2616
Requests: 1 HTTP requests in this frame

Frame: https://fastspinpromotion.com/2024_Snowy_Showdown/?lang=id-ID
Frame ID: ECCB93781D6380A575DB4D81F66A60EB
Requests: 1 HTTP requests in this frame

Frame: https://spade-event.com/enews/event/playandwin_August/?lang=id-ID
Frame ID: C7C473C8156EFDCA368E07B603C21639
Requests: 1 HTTP requests in this frame

Page Title

UBI138 - Situs Cuan Besar MaxWin Terbanyak Terbaru Anti Gagal

Page URL History

  1. http://ubi138f.xyz/m/event.php HTTP 307
    https://ubi138f.xyz/m/event.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51 Requests
100 % HTTPS
79 % IPv6
14 Domains
14 Subdomains
14 IPs
3 Countries
1115 kB Transfer
1971 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ubi138f.xyz/m/event.php HTTP 307
    https://ubi138f.xyz/m/event.php Page URL

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request event.php
ubi138f.xyz/m/
Redirect Chain
  • http://ubi138f.xyz/m/event.php
  • https://ubi138f.xyz/m/event.php
49 KB
11 KB
Document
General
Full URL
https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3195a8da02d4210642478c1e38bb21efbe4cab864828121b300e2a1de1127709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8d79dce92c3342db-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 12:10:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKUFyV4x4MGEcDah1%2F1zYqYvwUwuZQtMOyrJx0BB5qFJfvKdqIeDhF1B8Fn2PSI9CuQ3rpc6yWEjb7ORhYK9CzsdHnLQzt6ysb5XAyk11Nm9Ezq5juxWVMo%2FVCyGq056Em%2BGj1ltbnRn2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=44198&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4060&recv_bytes=4435&delivery_rate=431&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=522&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
Deny

Redirect headers

Location
https://ubi138f.xyz/m/event.php
Non-Authoritative-Reason
HttpsUpgrades
bootstrap-5.3.0.min.css
ubi138f.xyz/css/
227 KB
33 KB
Stylesheet
General
Full URL
https://ubi138f.xyz/css/bootstrap-5.3.0.min.css
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeC9eGKaDhhyGcaA3ENDqxIpe5hgoQDg8LXOIDqS7o3R8K5truuGuhKua%2F311QmWa4EK4rTtG13EKqviYBNvF27Bx9GuK7BFcA1j6hjD3ztsiwhvQ8P3%2BWXRDjuh9pWvYAYpc6McbYhfbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9342db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54660&sent=74&recv=37&lost=0&retrans=0&sent_bytes=62855&recv_bytes=7713&delivery_rate=307888&cwnd=26400&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=945&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
text/css
last-modified
Thu, 02 May 2024 01:30:50 GMT
vary
Accept-Encoding
priority
u=0,i=?0
bootstrap-icons.css
ubi138f.xyz/css/
93 KB
13 KB
Stylesheet
General
Full URL
https://ubi138f.xyz/css/bootstrap-icons.css?671a392ad16cd
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc7501c076aedb827481031b0d1e75973d193ddee920c5b42516dbb3d79092b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATie1o1VvqaapjluaYg5HiEvW8HzFHcvcIPZKFAoOCdDZ1Yh8kkPvqTCPatKsMg2cV7zOckEzk0Lbh3jG%2FKcAC2RFJPo%2BrCfRfet9J0kpKV3INfeGRvgbSsp6wd5wgr1M68F9lk2hjUWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9942db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52985&sent=50&recv=28&lost=0&retrans=0&sent_bytes=35657&recv_bytes=7326&delivery_rate=125587&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=886&x=1", cfExtPri, cfHdrFlush;dur=5
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
text/css
last-modified
Thu, 02 May 2024 01:50:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
PD.css
ubi138f.xyz/css/template/
628 B
873 B
Stylesheet
General
Full URL
https://ubi138f.xyz/css/template/PD.css
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5004f05cb953afa9431a92ec8741cfa4bec9b85869f323ba8a5f60e0beb1c1e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSEM5twfuY%2BDxtfVzsHg9Rybl%2FWw55ib3s3c2zvgTRTYSfQQvR5%2BLCVSOTHUPlmW8vbNtlAWdxPSp5PqqhKeP0dmGakyVTlzCyA13VdH%2Fk8I9zMZiuNgUmAFgeN1b6G%2FmavZu45szjfN1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9b42db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44495&sent=32&recv=23&lost=0&retrans=0&sent_bytes=16558&recv_bytes=6801&delivery_rate=264324&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=613&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:18 GMT
content-type
text/css
last-modified
Fri, 06 Oct 2023 06:18:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
variable.css
ubi138f.xyz/css/
912 B
969 B
Stylesheet
General
Full URL
https://ubi138f.xyz/css/variable.css
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b77d1d50fd05f47563713df4e3afed4eba65e880fc43526127878a1dd4d5fb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f7s5FfReh6A13bOXitjq4uWU4hrT6GO9lkuvTRp%2BAiU51tf9k8sbC9T7m3gNgOh5Fiy6zLq5yACqyUn7gqFDCwlFJU8t8NBekX0e3%2FaX4JMP7bTGWdK0gd7dLPrY0vYYKiMv3RQHtqkBSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9c42db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44495&sent=31&recv=23&lost=0&retrans=0&sent_bytes=15566&recv_bytes=6801&delivery_rate=264324&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=611&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:18 GMT
content-type
text/css
last-modified
Fri, 06 Oct 2023 06:18:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
dark.css
ubi138f.xyz/css/
963 B
995 B
Stylesheet
General
Full URL
https://ubi138f.xyz/css/dark.css
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def6cdc4916ce9b9b2c47692138560782cb330f9aee6894243988858624180db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YX5F5CrS%2BKx6PbiaGm%2FBMSeuntiY3YeRsFx1xgafHipJF2JXevMKqccZHqHoExlPR3Wlg1F%2FzzMU5isYYZRT6eSTFqezeq7OnoN%2BPgN0IAmGBnKeK7MlhdKZ7NNE95Vohn2z86PxTHFqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9d42db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44495&sent=33&recv=23&lost=0&retrans=0&sent_bytes=17454&recv_bytes=6801&delivery_rate=264324&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=615&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:18 GMT
content-type
text/css
last-modified
Fri, 06 Oct 2023 06:18:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
style.css
ubi138f.xyz/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://ubi138f.xyz/css/style.css
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4023733daff6bbff4dbe6ac833e325b8e46b177030c9a4919fd87c72e6df9db9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs%2B5E1XmgThpFx%2BXe1LhhiYXuWhLVFbn%2B%2BhUxMJKzZMOTt53q1cpQuHX0Rpy6TxPCQmzo1TA1xqRKw7TI%2FgJoTLSIqGfYyId09goxKotXS7eqhBgzYC8sEx53R0naJEmoU8dzrmlzo2MFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcec9f9f42db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44495&sent=34&recv=23&lost=0&retrans=0&sent_bytes=18472&recv_bytes=6801&delivery_rate=264324&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=615&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:18 GMT
content-type
text/css
last-modified
Tue, 20 Feb 2024 12:35:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
jquery-3.6.4.js
code.jquery.com/
286 KB
84 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.js
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-4766a"
age
4933022
x-cache
HIT, HIT
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
3175, 6811
x-served-by
cache-lga21949-LGA, cache-ewr-kewr1740074-EWR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729771819.107863,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
86002
server
nginx
beranda.png
img.viva88athenae.com//
1 KB
1 KB
Image
General
Full URL
https://img.viva88athenae.com//beranda.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa3bf8373bf81c320f612e1e4f74391c7a3ec04463447da5c1bc6eedf952d76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
286
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=2053
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="beranda.webp"
vary
Accept
last-modified
Tue, 18 Apr 2023 09:33:06 GMT
cache-control
public, max-age=14400
cf-ray
8d79dced49134301-EWR
accept-ranges
bytes
content-length
1030
server
cloudflare
promosi.png
img.viva88athenae.com//
4 KB
5 KB
Image
General
Full URL
https://img.viva88athenae.com//promosi.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e441a89d1edfe9310678b5200484dcec9aa8eb75113299ee4cdc87bf26dac6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
1085
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=6991
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="promosi.webp"
vary
Accept
last-modified
Tue, 18 Apr 2023 09:33:06 GMT
cache-control
public, max-age=14400
cf-ray
8d79dced49154301-EWR
accept-ranges
bytes
content-length
4572
server
cloudflare
events.png
img.viva88athenae.com//
5 KB
5 KB
Image
General
Full URL
https://img.viva88athenae.com//events.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100e5efe4f8a98327c14ef5d83042b6315e3aa470be2e27ccc895ebb08eb9153

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
1085
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=6850
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="events.webp"
vary
Accept
last-modified
Wed, 21 Jun 2023 06:13:46 GMT
cache-control
public, max-age=14400
cf-ray
8d79dceda96e4301-EWR
accept-ranges
bytes
content-length
4768
server
cloudflare
whatsapp.png
img.viva88athenae.com//
3 KB
4 KB
Image
General
Full URL
https://img.viva88athenae.com//whatsapp.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f817d7b4aadd703ea57396c3f1685191732c485c17dc8ad2ded2e3784190d56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
7052
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=5411
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="whatsapp.webp"
vary
Accept
last-modified
Tue, 18 Apr 2023 09:47:20 GMT
cache-control
public, max-age=14400
cf-ray
8d79dceda96f4301-EWR
accept-ranges
bytes
content-length
3480
server
cloudflare
livechat.png
img.viva88athenae.com//
876 B
1 KB
Image
General
Full URL
https://img.viva88athenae.com//livechat.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601049c1e12ec85c8abb6ba96a51cd5795373bc61a05664bed69983f2fd7dda5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
2292
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=1402
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="livechat.webp"
vary
Accept
last-modified
Tue, 18 Apr 2023 09:33:06 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcee09ce4301-EWR
accept-ranges
bytes
content-length
876
server
cloudflare
wa.png
img.viva88athenae.com/kontak/
378 B
650 B
Image
General
Full URL
https://img.viva88athenae.com/kontak/wa.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
687
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=1628
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="wa.webp"
vary
Accept
last-modified
Mon, 09 Sep 2019 19:19:48 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef3b234301-EWR
accept-ranges
bytes
content-length
378
server
cloudflare
telegram.png
img.viva88athenae.com/kontak/
276 B
554 B
Image
General
Full URL
https://img.viva88athenae.com/kontak/telegram.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d45af6dd72282092f374a0f0da9fc1443188ce7e240691fd7fc1f67c240f430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
5680
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
origFmt=png, origSize=2476
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="telegram.webp"
vary
Accept
last-modified
Thu, 13 Apr 2023 05:55:59 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef3b254301-EWR
accept-ranges
bytes
content-length
276
server
cloudflare
logoweb.png
ubi138f.xyz/images/
83 KB
84 KB
Image
General
Full URL
https://ubi138f.xyz/images/logoweb.png
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3514d1e3395984844f27bb93818db861b3934ccb7ca2844b1b82a43633d25cb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/m/event.php

Response headers

cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvj74zSYW8zMmsozMcoWg2wwlFuaJg4f5YNyi2rlLpp3bnrXr%2F1kV0%2BtCF%2BYeigGgw8ect5JCIdlbgCv3YU%2FBuloJwpHfFewf3X6Pr2gtIqhn89t4WA953fhAfg7djlzzfDowd38IAyTxw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=66723&sent=107&recv=62&lost=0&retrans=0&sent_bytes=97398&recv_bytes=9145&delivery_rate=589034&cwnd=39600&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=1046&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/png
last-modified
Sat, 02 Mar 2024 17:10:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d79dcef5a3042db-EWR
accept-ranges
bytes
content-length
85217
server
cloudflare
pg-oktober-24.jpg
img.viva88athenae.com/events/
60 KB
61 KB
Image
General
Full URL
https://img.viva88athenae.com/events/pg-oktober-24.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd11548aac8462b85e0284dc7cdaa5b7cf1a4f0bd67cc150b192f24f1a7f509

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
368
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=262260
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="pg-oktober-24.webp"
vary
Accept
last-modified
Tue, 01 Oct 2024 05:33:39 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b3e4301-EWR
accept-ranges
bytes
content-length
61846
server
cloudflare
pp-gacor-s7.jpg
img.viva88athenae.com/events/
53 KB
54 KB
Image
General
Full URL
https://img.viva88athenae.com/events/pp-gacor-s7.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c43115fcfb13a6fa495d2b646f7a7ada98d63d109836d2418c969fb0cf065d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
368
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=238283
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="pp-gacor-s7.webp"
vary
Accept
last-modified
Thu, 10 Oct 2024 10:43:30 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b434301-EWR
accept-ranges
bytes
content-length
54668
server
cloudflare
fs-wicked-wheel.jpg
img.viva88athenae.com/events/
43 KB
43 KB
Image
General
Full URL
https://img.viva88athenae.com/events/fs-wicked-wheel.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737201c246a61da7366a637c023d04acf451f35949e250bc86d55ca386c81317

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
368
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=109185
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="fs-wicked-wheel.webp"
vary
Accept
last-modified
Tue, 15 Oct 2024 06:18:50 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b454301-EWR
accept-ranges
bytes
content-length
43584
server
cloudflare
ps-spin-or-scream.jpg
img.viva88athenae.com/events/
53 KB
54 KB
Image
General
Full URL
https://img.viva88athenae.com/events/ps-spin-or-scream.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb17f19cc1832712257fdb2da40da710d9b439358afbf34741c4679f69d67002

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=92785
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="ps-spin-or-scream.webp"
vary
Accept
last-modified
Mon, 30 Sep 2024 08:38:52 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b484301-EWR
accept-ranges
bytes
content-length
54650
server
cloudflare
l22-cash-race-2.jpg
img.viva88athenae.com/events/
41 KB
41 KB
Image
General
Full URL
https://img.viva88athenae.com/events/l22-cash-race-2.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea036465204d45d54f2c0b531bb5b2bb834c2886498bd797f9a8e6f71652638

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=208256
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="l22-cash-race-2.webp"
vary
Accept
last-modified
Mon, 30 Sep 2024 08:26:48 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b494301-EWR
accept-ranges
bytes
content-length
42008
server
cloudflare
jl-indonesia-x-jili.jpg
img.viva88athenae.com/events/
42 KB
42 KB
Image
General
Full URL
https://img.viva88athenae.com/events/jl-indonesia-x-jili.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e675ceb9028c51471e113266009e808b544e73d41fdc619317e98629ef85ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=207691
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="jl-indonesia-x-jili.webp"
vary
Accept
last-modified
Tue, 01 Oct 2024 05:54:30 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b4d4301-EWR
accept-ranges
bytes
content-length
42650
server
cloudflare
nlc-spin-gifts.jpg
img.viva88athenae.com/events/
57 KB
57 KB
Image
General
Full URL
https://img.viva88athenae.com/events/nlc-spin-gifts.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91353551e36403d47f54f45e0e55f00991d744d099a215e49b85c0023af24803

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=260831
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="nlc-spin-gifts.webp"
vary
Accept
last-modified
Mon, 30 Sep 2024 07:16:27 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b4e4301-EWR
accept-ranges
bytes
content-length
58210
server
cloudflare
fs-snowy-showdown.jpg
img.viva88athenae.com/events/
35 KB
36 KB
Image
General
Full URL
https://img.viva88athenae.com/events/fs-snowy-showdown.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e728c8e7f3207dffdf6c074ff97481d037b56a29a4515d6f00acfef437beb1e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=229966
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="fs-snowy-showdown.webp"
vary
Accept
last-modified
Mon, 23 Sep 2024 05:52:29 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef5b4f4301-EWR
accept-ranges
bytes
content-length
36198
server
cloudflare
evo-bet-and-win-2.jpg
img.viva88athenae.com/events/
49 KB
49 KB
Image
General
Full URL
https://img.viva88athenae.com/events/evo-bet-and-win-2.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5735f3915034641d6b79f7d852f0399808fc0463c4e43f471176dc564768aea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=244129
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="evo-bet-and-win-2.webp"
vary
Accept
last-modified
Mon, 30 Sep 2024 06:40:11 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef6b504301-EWR
accept-ranges
bytes
content-length
49922
server
cloudflare
sg-playandwin-aug.jpg
img.viva88athenae.com/events/
53 KB
53 KB
Image
General
Full URL
https://img.viva88athenae.com/events/sg-playandwin-aug.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca1c7647127d1c703f52aca88f6abd29035463b2e4818a12df8385a2f7647ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=239132
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="sg-playandwin-aug.webp"
vary
Accept
last-modified
Tue, 01 Oct 2024 07:02:31 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef6b514301-EWR
accept-ranges
bytes
content-length
54034
server
cloudflare
jg-money-meteor-5.jpg
img.viva88athenae.com/events/
53 KB
53 KB
Image
General
Full URL
https://img.viva88athenae.com/events/jg-money-meteor-5.jpg
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:187a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89524118dc567576c1abfb386ea34d352ac0c7f633d3ee1b2effc36c67e0544

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
367
expires
Thu, 24 Oct 2024 16:10:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=253192
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
image/webp
content-disposition
inline; filename="jg-money-meteor-5.webp"
vary
Accept
last-modified
Mon, 23 Sep 2024 06:43:53 GMT
cache-control
public, max-age=14400
cf-ray
8d79dcef6b524301-EWR
accept-ranges
bytes
content-length
53810
server
cloudflare
bootstrap-5.3.0.bundle.min.js
ubi138f.xyz/js/
79 KB
24 KB
Script
General
Full URL
https://ubi138f.xyz/js/bootstrap-5.3.0.bundle.min.js
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://ubi138f.xyz/m/event.php

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hna270KeXOzzAi7s4zJWCpWDjW5Srzo30Uipsy2RpKw0hk6CmHRlkk2A2S%2FrZHm9oNaN9MhE84Aet3Tl5PNkXPUHMCTWFffmQ1GfNW79XU5jp85cR9htngIu41Akrdh1SLEa%2B60zmkjG8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d79dcee190e42db-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52985&sent=40&recv=28&lost=0&retrans=0&sent_bytes=23657&recv_bytes=7326&delivery_rate=125587&cwnd=12000&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=847&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
application/javascript
last-modified
Thu, 02 May 2024 01:34:47 GMT
vary
Accept-Encoding
priority
u=2,i=?0
fbevents.js
connect.facebook.net/en_US/
228 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=23, mss=1232, tbw=5678, tp=10, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
LePYq6Gm8uywvvJUrcU2qXa7u9wVHArK0+1FVxVIKBfnOJ/mQRsJHJNzS28LDPM5a/Ut+zv/aWWUXxxuj3Bwgg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abel&family=Oswald&family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6b3a0fdc3afadc5837d843cae84a32333edb51d64e63398d0e685872b3b76ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 12:10:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 24 Oct 2024 12:04:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
public.pgsoft-games.com/events/oct/pay4d/ Frame 0E26
0
0
Document
General
Full URL
https://public.pgsoft-games.com/events/oct/pay4d/
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:6000:1e:e844:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
PG-178913298 /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
30808
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600, s-maxage=604800
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 03:36:51 GMT
etag
W/"6719bf91-2158"
last-modified
Thu, 24 Oct 2024 03:31:29 GMT
server
PG-178913298
vary
Accept-Encoding
via
1.1 google, 1.1 983c7b4dc16774878ead1f5daf9bb81e.cloudfront.net (CloudFront)
x-amz-cf-id
nyGWjtYuGdQgPdbAnvnvBbuSyjh2Zyu69fyrIET8tdKJlNotQqsTrQ==
x-amz-cf-pop
JFK52-P9
x-cache
Hit from cloudfront
/
tipspragmaticplay.com/id/promotion/daily-wins-mega-gacor/ Frame 0A79
0
0
Document
General
Full URL
https://tipspragmaticplay.com/id/promotion/daily-wins-mega-gacor/
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.229.75.144 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-75-144.ap-southeast-1.compute.amazonaws.com
Software
nginx / PHP/7.4.33 PleskLin
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Oct 2024 12:10:20 GMT
Link
<https://pp88.asia/wp-json/>; rel="https://api.w.org/" <https://pp88.asia/wp-json/wp/v2/promotion/15233>; rel="alternate"; title="JSON"; type="application/json" <https://pp88.asia/?p=15233>; rel=shortlink
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.33 PleskLin
/
fastspinpromotion.com/PAY4D_Lucky_Wheel_Exclusive/ Frame 6234
0
0
Document
General
Full URL
https://fastspinpromotion.com/PAY4D_Lucky_Wheel_Exclusive/?lang=id-ID
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Auth-Token,Content-Type
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d79dcf13dba421d-EWR
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 12:10:20 GMT
last-modified
Thu, 24 Oct 2024 09:54:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GC4P5PDfxuYvz%2BURVG07C5xdfoZBFXemqtCUL%2FWHR4b5P9FqfC22ky8dJJBvt9acVWwTdPxQ2Ss6F7wSBgc5T0jeq18rVMlGv3jO50TCe8m%2BvmqLvoPrzRMVcmoN%2F%2Bs3JwAwrr7NWgsvxIHI25mmI5QtsHk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=105581&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4186&recv_bytes=4882&delivery_rate=331&cwnd=12000&unsent_bytes=0&cid=325688165963b5e6&ts=600&x=1" cfExtPri cfHdrFlush;dur=0
/
www.playstarevent.com/halloween/ Frame 73D8
0
0
Document
General
Full URL
https://www.playstarevent.com/halloween/?lang=idn&currency=IDR
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.163.254.185 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-163-254-185.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 24 Oct 2024 12:10:20 GMT
ETag
W/"66f19028-2f03"
Last-Modified
Mon, 23 Sep 2024 15:58:32 GMT
Server
nginx
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
l22campaign.com/cash-race-october/ Frame BF5F
0
0
Document
General
Full URL
https://l22campaign.com/cash-race-october/?lang=id
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:c031 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d79dcf13fbc436c-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 12:10:20 GMT
link
<https://l22campaign.com/wp-json/>; rel="https://api.w.org/" <https://l22campaign.com/wp-json/wp/v2/pages/21565>; rel="alternate"; title="JSON"; type="application/json" <https://l22campaign.com/?p=21565&lang=id>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUNsZQyxtjGqIPWRzpsHYXjfwRxlYTmIILrvSSKmukxy9wg1%2Fcz88wkvVfH5g2c1SPUVgewFAiiEuW2IG1wFG6YF6OnpwU3ht4%2FNEWqkXhK5WtbXe5UUAVFy2lXAyYzNno2aNqihgs8c5hBNj%2FQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=101645&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4451&delivery_rate=327&cwnd=12000&unsent_bytes=0&cid=e747468f31ef3dd4&ts=632&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent
x-litespeed-cache
hit
x-turbo-charged-by
LiteSpeed
20241008_Dragon_ID
history.jlfafafa3.com/id-ID/event/ Frame 8137
0
0
Document
General
Full URL
https://history.jlfafafa3.com/id-ID/event/20241008_Dragon_ID
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.148.127 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.148.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-length
1742
content-type
text/html
date
Thu, 24 Oct 2024 12:10:20 GMT
expires
Fri, 24 Oct 2025 12:10:20 GMT
last-modified
Thu, 24 Oct 2024 01:36:28 GMT
server
UploadServer
vary
Accept-Encoding
via
1.1 google
x-goog-generation
1729733788179078
x-goog-hash
crc32c=RT7r6Q== md5=tIG1WJxMf4UWnz/VfyWX+g==
x-goog-meta-goog-reserved-file-mtime
1729733758
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
6450
x-guploader-uploadid
AHmUCY0ybEjbHIsetcb2XzR7ItdwzPVyGzOMpTHW1xp8FfjwvaOQVxQ-748TOylwm8NMS5xPXSU
/
fastspinpromotion.com/2024_Snowy_Showdown/ Frame ECCB
0
0
Document
General
Full URL
https://fastspinpromotion.com/2024_Snowy_Showdown/?lang=id-ID
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9b8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Auth-Token,Content-Type
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d79dcf13dbc421d-EWR
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 12:10:20 GMT
last-modified
Thu, 24 Oct 2024 09:54:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD6mxVldAYSdW3HfsnS%2Fgbw75l%2FeWvhlqf%2B9oFRJ1UBA6MuJHLwSBeTs38lZA%2B2Lmrmnc1EyZZ5e6qbxIIZbW3f2cCA3Nrgo%2B2tti5Gu1Y%2Be3MUrzX5vG91kq49BbFiRgcGTGqpdM1HmGdRTRpka0d1uF%2BA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=105581&sent=16&recv=11&lost=0&retrans=0&sent_bytes=6580&recv_bytes=4882&delivery_rate=331&cwnd=12000&unsent_bytes=0&cid=325688165963b5e6&ts=603&x=1" cfExtPri cfHdrFlush;dur=0
/
spade-event.com/enews/event/playandwin_August/ Frame C7C4
0
0
Document
General
Full URL
https://spade-event.com/enews/event/playandwin_August/?lang=id-ID
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9da9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ubi138f.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Auth-Token,Content-Type
access-control-allow-methods
GET,HEAD,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d79dcf1482c7cf3-EWR
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 12:10:20 GMT
last-modified
Mon, 26 Aug 2024 01:39:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeY4O7aPKsz9%2F1OmHIocVHoB%2F1IL%2BsUxiO%2B0af8JxdxE1MXIY0iK0buqbUVOj80X5QzA4LCNcpeqlUzO6Ic2VDJRSTTBQfmxsJpkP0fVyrg65QSfW5MTDWaFVcYhKs7YGGGD6HZXfg%2B0Bm0qJg8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=96552&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4176&recv_bytes=4463&delivery_rate=345&cwnd=12000&unsent_bytes=0&cid=027a87661bcfde62&ts=620&x=1" cfExtPri cfHdrFlush;dur=0
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&family=Oswald&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
502504
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 16:35:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 16:35:15 GMT
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29752
x-xss-protection
0
server
sffe
bootstrap-icons.woff2
ubi138f.xyz/fonts/
118 KB
119 KB
Font
General
Full URL
https://ubi138f.xyz/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/css/bootstrap-icons.css?671a392ad16cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c86a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://ubi138f.xyz/css/bootstrap-icons.css?671a392ad16cd

Response headers

cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqRDUEyz4Ila5oHJ3DMvE6vY74rH283BkA6HXnGo8DNT7StVxONL%2F0e7boMW6fyxC36SFGQaRrLUI4a6Sh4QjyF1Vrnd%2B%2FErmmiV2NphTre4%2Bov9exAy5UKsQLC6zgLWQEwztN3IzQDChg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65060&sent=181&recv=66&lost=0&retrans=0&sent_bytes=185184&recv_bytes=9673&delivery_rate=649472&cwnd=65400&unsent_bytes=0&cid=a6d1cbc92c9514bb&ts=1108&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
font/woff2
last-modified
Thu, 02 May 2024 02:20:05 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d79dcefba8c42db-EWR
accept-ranges
bytes
content-length
121296
server
cloudflare
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&family=Oswald&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
541739
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:41:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 05:41:20 GMT
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
34852
x-xss-protection
0
server
sffe
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&family=Oswald&family=Ubuntu:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ubi138f.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
541739
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:41:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 05:41:20 GMT
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30480
x-xss-protection
0
server
sffe
734383664787258
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/734383664787258?v=2.9.173&r=stable&domain=ubi138f.xyz&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db981adb2691017070b916e8d6e7c0b2ec477fd4c69c146bc4b7570aafea4562
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=110, rtx=0, c=74, mss=1232, tbw=68846, tp=64, tpl=0, uplat=84, ullat=0
pragma
public
x-fb-debug
Om4bFtL/uBk/wTwXK4FRytJrlYZ8VE0SWrUfXq5O4yu6oqWnc9bNykp1CfYXdbdeBQVuwaUhEPoOtZJiKAY9Tw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
230208376791319
connect.facebook.net/signals/config/
28 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/230208376791319?v=2.9.173&r=stable&domain=ubi138f.xyz&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2bb0f150dc0708217d581cb517d8beb1b1ee0b849f2126cab33ab52fba2a91fc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=95, rtx=0, c=86, mss=1232, tbw=85118, tp=79, tpl=0, uplat=97, ullat=0
pragma
public
x-fb-debug
m2db7ZsMec5L3SP3FWUlmUJDK9TJPy8OtQ70XNmqkG4d6fgFV4mdCwi8Knt00h6d8N7y1aDYdndCXrT9wFjH1Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=734383664787258&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771819999&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=GET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2903, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=734383664787258&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771819999&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=FGET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429313398137311487"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XvKHaDsa5aJheYexI/UTOw7byD3E+cyBZkenm6PfPzfegIkObsJv2ZIyoU2YpgE0HRJE1VGFHPxmvnhkMZqoHQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429313398137311487", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3220, tp=-1, tpl=-1, uplat=103, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
711084340810578
connect.facebook.net/signals/config/
28 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/711084340810578?v=2.9.173&r=stable&domain=ubi138f.xyz&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a1895f9f11f1b437e4c470932d024bf61c242da80f9c7836691cbf8bf0a3a04
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=113, rtx=0, c=86, mss=1232, tbw=88670, tp=83, tpl=0, uplat=72, ullat=0
pragma
public
x-fb-debug
XvG8fAhfM+KOlL7GvC/ltoAtfcwNYWzDPFpBN4+TZxh+krZ87gukH6+lb9fdEVwnVnHG79/ehSd8RnTm9cZBMQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=230208376791319&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771820284&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=GET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1392, tbw=6495, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
851 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=230208376791319&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771820284&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=FGET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429313397637645418"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ycVH+Jys6oN400HB3szV0F4OJEGbETtlTVCISVoZZrGN8738ONu2jlC++Rm9Q+bb5tHXYsZ+WcZ5fMRc1PdkxA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429313397637645418", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1392, tbw=7957, tp=-1, tpl=-1, uplat=402, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=711084340810578&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771820409&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=GET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1392, tbw=6676, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=711084340810578&ev=PageView&dl=https%3A%2F%2Fubi138f.xyz%2Fm%2Fevent.php&rl=&if=false&ts=1729771820409&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=4126&fbp=fb.1.1729771819996.716333737635149207&cs_est=true&ler=empty&cdl=API_unavailable&it=1729771819802&coo=false&rqm=FGET
Requested by
Host: ubi138f.xyz
URL: https://ubi138f.xyz/m/event.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ubi138f.xyz/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429313398277404857"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 12:10:20 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429313398277404857", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
MOPXuJt4AwKnPREbLyqJrfbXWASBPsEDQCXhPXbxxfvvK3K1lYJAAliREKXdUs53erlM2vGQTPI2bCEU007KxQ==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1392, tbw=6857, tp=-1, tpl=-1, uplat=40, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| 7
function| fbq
function| _fbq
function| $
function| jQuery
number| uidEvent
object| bootstrap

3 Cookies

Domain/Path Name / Value
ubi138f.xyz/ Name: PHPSESSID
Value: k776v7697n42cs5i6ln8oh9hv2
.viva88athenae.com/ Name: __cf_bm
Value: rKIkFbj8.FGJMuqp1TkmfiDBnFhnEmabrlnPhGd5Oew-1729771819-1.0.1.1-ECK8CsTb2cp7XndxtedxDV0g9bnERu3H68maQpMKMab2TrfENRqUgU3nzhrehefnPudcIh1G4WnaYXSuPbb06g
.ubi138f.xyz/ Name: _fbp
Value: fb.1.1729771819996.716333737635149207

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
