www.g500on.cfd.unogg168.web.id Open in urlscan Pro
103.140.90.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.g500on.cfd.unogg168.web.id/
Effective URL:
http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Submission: On December 16 via api (December 16th 2024, 10:17:54 am UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 22 domains to perform 330 HTTP transactions. The main IP is 103.140.90.101, located in Indonesia and belongs to IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID. The main domain is www.g500on.cfd.unogg168.web.id.

This is the only time www.g500on.cfd.unogg168.web.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
83	103.140.90.101 103.140.90.101	138876 (IDNIC-SAR...) (IDNIC-SARANAINDO-AS-ID CV. Saranaindo)
2	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
60	172.64.144.224 172.64.144.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	103.148.239.44 103.148.239.44	132337 (ANSPL-AS-...) (ANSPL-AS-AP Axclusive)
54	104.18.31.132 104.18.31.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	163.181.92.234 163.181.92.234	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
12	172.67.74.173 172.67.74.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.72.210 172.67.72.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	18.66.107.128 18.66.107.128	16509 (AMAZON-02) (AMAZON-02)
12 12	18.66.107.155 18.66.107.155	16509 (AMAZON-02) (AMAZON-02)
12	172.67.74.73 172.67.74.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.27.202.89 104.27.202.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
5	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1	2.16.1.243 2.16.1.243	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	95.101.111.159 95.101.111.159	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
330	20

83 103.140.90.101 (Indonesia)

ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID)

www.g500on.cfd.unogg168.web.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g500on.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 172.64.144.224 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

img.viva88athenae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api-egame-staging.sgplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
game.thbinn.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-api2.namesvr.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 103.148.239.44 (Singapore)

ASN132337 (ANSPL-AS-AP Axclusive, SG)

img.qiangmingbao.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 104.18.31.132 (None, )

ASN13335 (CLOUDFLARENET, US)

file.32828a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 163.181.92.234 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

dlntdk2it99.anhuidingyue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.74.173 (United States)

ASN13335 (CLOUDFLARENET, US)

gsmd.336699bet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.72.210 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.icon-icons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.107.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-128.fra56.r.cloudfront.net

d2rzzcn1jnr24x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.107.155 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-155.fra56.r.cloudfront.net

d1bnhxh1olb98c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.74.73 (United States)

ASN13335 (CLOUDFLARENET, US)

nx1.cdn2go.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.202.89 (None, )

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.1.243 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-1-243.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.159 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a95-101-111-159.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	viva88athenae.com img.viva88athenae.com — Cisco Umbrella Rank: 28344	1 MB
55	unogg168.web.id www.g500on.cfd.unogg168.web.id	747 KB
54	32828a.com file.32828a.com — Cisco Umbrella Rank: 829172	3 MB
28	g500on.cfd g500on.cfd	35 KB
15	cloudfront.net 12 redirects d2rzzcn1jnr24x.cloudfront.net d1bnhxh1olb98c.cloudfront.net	20 KB
12	cdn2go.net nx1.cdn2go.net	313 KB
12	336699bet.com gsmd.336699bet.com	740 KB
12	thbinn.online game.thbinn.online	144 KB
12	anhuidingyue.com dlntdk2it99.anhuidingyue.com — Cisco Umbrella Rank: 171573	186 KB
12	qiangmingbao.net img.qiangmingbao.net	485 KB
12	sgplay.net api-egame-staging.sgplay.net	193 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	95 KB
5	namesvr.dev jp-api2.namesvr.dev — Cisco Umbrella Rank: 46380	1 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	615 B
3	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 6260 api.livechatinc.com — Cisco Umbrella Rank: 5777	30 KB
3	icon-icons.com cdn.icon-icons.com — Cisco Umbrella Rank: 177542	242 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	24 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 971031	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	103 KB
1	tenor.com media.tenor.com — Cisco Umbrella Rank: 5619	2 MB
0	ppprrp.com Failed line.ppprrp.com Failed
330	22

	Domain	Requested by
60	img.viva88athenae.com	www.g500on.cfd.unogg168.web.id
55	www.g500on.cfd.unogg168.web.id	www.g500on.cfd.unogg168.web.id
54	file.32828a.com	www.g500on.cfd.unogg168.web.id
28	g500on.cfd	www.g500on.cfd.unogg168.web.id
12	nx1.cdn2go.net	www.g500on.cfd.unogg168.web.id
12	d1bnhxh1olb98c.cloudfront.net	12 redirects
12	gsmd.336699bet.com	www.g500on.cfd.unogg168.web.id
12	game.thbinn.online	www.g500on.cfd.unogg168.web.id
12	dlntdk2it99.anhuidingyue.com	www.g500on.cfd.unogg168.web.id
12	img.qiangmingbao.net	www.g500on.cfd.unogg168.web.id
12	api-egame-staging.sgplay.net	www.g500on.cfd.unogg168.web.id
6	connect.facebook.net	www.g500on.cfd.unogg168.web.id connect.facebook.net
5	jp-api2.namesvr.dev	www.g500on.cfd.unogg168.web.id
5	www.facebook.com	www.g500on.cfd.unogg168.web.id
3	d2rzzcn1jnr24x.cloudfront.net	www.g500on.cfd.unogg168.web.id
3	cdn.icon-icons.com	www.g500on.cfd.unogg168.web.id
2	api.livechatinc.com	cdn.livechatinc.com
2	cdn.jsdelivr.net	www.g500on.cfd.unogg168.web.id
1	cdn.livechatinc.com	www.g500on.cfd.unogg168.web.id
1	www.google-analytics.com	www.googletagmanager.com
1	nx-cdn.trgwl.com	www.g500on.cfd.unogg168.web.id
1	www.googletagmanager.com	www.g500on.cfd.unogg168.web.id
1	media.tenor.com	www.g500on.cfd.unogg168.web.id
0	line.ppprrp.com Failed	www.g500on.cfd.unogg168.web.id
330	24

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
secure.livechatinc.com
byon88.com
ambengine.com

Subject Issuer	Validity	Valid
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
c.tenor.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
img.viva88athenae.com E6	`2024-10-22` - `2025-01-20`	3 months	crt.sh
dl.changxingwnet.com R11	`2024-11-27` - `2025-02-25`	3 months	crt.sh
*.anhuidingyue.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-17` - `2025-02-05`	a year	crt.sh
game.thbinn.online WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
336699bet.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
32828a.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
icon-icons.com WE1	`2024-12-12` - `2025-03-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-24` - `2024-12-23`	3 months	crt.sh
g500on.cfd.unogg168.web.id R11	`2024-12-14` - `2025-03-14`	3 months	crt.sh
namesvr.dev WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Frame ID: F798329C0C395A8E0F5F5EF5204BB427
Requests: 328 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

G500VIP

Page URL History Show full URLs

http://www.g500on.cfd.unogg168.web.id/ HTTP 307
https://www.g500on.cfd.unogg168.web.id/ HTTP 307
http://www.g500on.cfd.unogg168.web.id/ Page URL
http://www.g500on.cfd.unogg168.web.id/dekstop/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

330
Requests

62 %
HTTPS

0 %
IPv6

22
Domains

24
Subdomains

20
IPs

6
Countries

8988 kB
Transfer

16345 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=+27730986086

Search URL Search Domain Scan URL

URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=18722469

Search URL Search Domain Scan URL

URL: https://byon88.com/
Title: BYON88

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=
Title: +6287837195965

Search URL Search Domain Scan URL

URL: https://ambengine.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.g500on.cfd.unogg168.web.id/ HTTP 307
https://www.g500on.cfd.unogg168.web.id/ HTTP 307
http://www.g500on.cfd.unogg168.web.id/ Page URL
http://www.g500on.cfd.unogg168.web.id/dekstop/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.g500on.cfd.unogg168.web.id/ HTTP 307
https://www.g500on.cfd.unogg168.web.id/ HTTP 307
http://www.g500on.cfd.unogg168.web.id/

Request Chain 36

http://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg

Request Chain 37

http://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg

Request Chain 38

http://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg

Request Chain 39

http://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg

Request Chain 40

http://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg

Request Chain 41

http://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg

Request Chain 48

http://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png

Request Chain 49

http://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png

Request Chain 50

http://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png

Request Chain 51

http://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png

Request Chain 52

http://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png

Request Chain 53

http://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png

Request Chain 151

http://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg

Request Chain 152

http://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg

Request Chain 153

http://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg

Request Chain 154

http://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg

Request Chain 155

http://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg

Request Chain 156

http://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg HTTP 307
https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg

Request Chain 163

http://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png

Request Chain 164

http://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png

Request Chain 165

http://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png

Request Chain 166

http://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png

Request Chain 167

http://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png

Request Chain 168

http://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png HTTP 307
https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png

Request Chain 216

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png

Request Chain 217

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png

Request Chain 218

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png

Request Chain 226

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp

Request Chain 227

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20olympx.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20olympx.webp

Request Chain 228

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20bnnzdice.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20bnnzdice.webp

Request Chain 229

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20starlight.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20starlight.webp

Request Chain 230

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20gatotx.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20gatotx.webp

Request Chain 231

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20olympgate.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20olympgate.webp

Request Chain 232

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20sugarrushx.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/providers/PP/vs20sugarrushx.webp

Request Chain 233

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp

Request Chain 272

http://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1 HTTP 307
https://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1

Request Chain 286

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp?v=20240326-2 HTTP 301
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp

330 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
www.g500on.cfd.unogg168.web.id/
Redirect Chain

http://www.g500on.cfd.unogg168.web.id/
https://www.g500on.cfd.unogg168.web.id/
http://www.g500on.cfd.unogg168.web.id/

2 KB
1 KB

367ms
367ms

Document
text/html

103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 771
content-type: text/html; charset=UTF-8
date: Mon, 16 Dec 2024 10:17:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding

Redirect headers

Location: http://www.g500on.cfd.unogg168.web.id/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK Primary Request index.php Show response
www.g500on.cfd.unogg168.web.id/dekstop/ 423 KB
34 KB 1774ms
1773ms Document
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: b8e4af26282183ff711a3df3f082b20122f55012424022a46d706e969e51e8fa

Request headers

Referer: http://www.g500on.cfd.unogg168.web.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 16 Dec 2024 10:17:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
transfer-encoding: chunked
vary: Accept-Encoding

GET
H/1.1 200
OK digital_sans_ef_medium.woff2
www.g500on.cfd.unogg168.web.id/dekstop/fonts/ 19 KB
19 KB 2329ms
831ms Font
font/woff2 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/fonts/digital_sans_ef_medium.woff2
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:36 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 18996
date: Mon, 16 Dec 2024 10:17:36 GMT
content-type: font/woff2
last-modified: Thu, 10 Oct 2024 07:53:20 GMT

GET
H/1.1 200
OK advanced_dot_digital7.woff2
www.g500on.cfd.unogg168.web.id/dekstop/fonts/ 7 KB
7 KB 2934ms
1268ms Font
font/woff2 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/fonts/advanced_dot_digital7.woff2
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:37 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7348
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: font/woff2
last-modified: Thu, 10 Oct 2024 07:53:22 GMT

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/ 230 KB
41 KB 1051ms
1038ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: b517a438763c94ee49f6cd2164754137b4131999a48d5ea40a28f328195d4bae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 41422
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 01:50:48 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Home/ 18 KB
4 KB 1054ms
1041ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Home/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: a4e9ed35971a5a6f28747146723405072f7958131afab41b8f77189879eb11a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3659
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 02:09:50 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Theme/ 39 KB
8 KB 1678ms
1665ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Theme/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 88bd896be0a8ef0dd374f874cd4b1ca7ca9fc9beee4266c050ea9389a96ff0cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7342
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 01:47:41 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Slots/ 4 KB
1 KB 1068ms
1056ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Slots/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 1778a457a85c1e05e1a4906b5229bb42fb5471719652ceee81c34ff5c5010877

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1108
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 02:51:47 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK profil.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Profile/ 5 KB
1 KB 1781ms
1768ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Profile/profil.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: a068e514fcff1a17cffbcaf54b1fac203ba9069f85e16e62da4abefee2a74460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:36 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1085
date: Mon, 16 Dec 2024 10:17:36 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:18 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK deposit.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/deposit/ 13 KB
3 KB 1031ms
702ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/deposit/deposit.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 5a4b44f8323120e842da25e1c427d854f1288e75ea376cebfb7f81972c034209

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2365
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:14 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK withdraw.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/withdraw/ 9 KB
2 KB 1947ms
914ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/withdraw/withdraw.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 220ff94f3bd512dfe3f4bbb44f7677067083e13680812b20f565b04359968a01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:36 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1932
date: Mon, 16 Dec 2024 10:17:36 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:20 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Promosi/ 4 KB
1 KB 1447ms
378ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Promosi/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 9f1c9ffe5cdbba38a6790ba005d9d5c44aababef888407fe45f07f331ed36d53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:35 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 880
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:16 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/Refferal/ 8 KB
2 KB 1495ms
407ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Refferal/dekstop.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 22f50308aeab20fc9a99de9f24614a4019e2547bc0ab3835cd6de47c682e2b9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:36 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1527
date: Mon, 16 Dec 2024 10:17:36 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:16 GMT
vary: Accept-Encoding

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@7.12.15/dist/ 30 KB
5 KB 645ms
92ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@7.12.15/dist/sweetalert2.min.css

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5fbdef4b06a2f251d6b53984888d52b3d0029c6d5ee2cf64939afd46fd2baea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"76d6-33G4w3Zqq+4Nu2jc7Tz4YPSbOyg"
age: 983607
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230038-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4831
x-jsd-version: 7.12.15

GET
H/1.1 200
OK input.css
www.g500on.cfd.unogg168.web.id/dekstop/Content/ 6 KB
2 KB 2255ms
805ms Stylesheet
text/css 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/input.css
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3dd56684d034815f21c90c8839d7ad1e7c42e890ce658a2559fc32ee7e6d7094

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:36 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1664
date: Mon, 16 Dec 2024 10:17:36 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2024 07:53:10 GMT
vary: Accept-Encoding

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 70 KB
18 KB 645ms
93ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f2195a38a669d5ae41085e14e5260444b12685eaf30f154775dc757554cab7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1199f-P4G4uH9foG7iI+wWJ9Q0lEsGA2I"
age: 32929
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230038-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18689
x-jsd-version: 11.15.0

GET
H2 200 jawaraliga-jawara-liga.gif
media.tenor.com/MD0Y0ZpGkaIAAAAi/ 2 MB
2 MB 681ms
74ms Image
image/gif 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.tenor.com/MD0Y0ZpGkaIAAAAi/jawaraliga-jawara-liga.gif

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

sffe /

Resource Hash

da43eb7f461c7c6a0d8cca2812388191f25c5e2a0f236274fc1bab58e69f198c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

age: 37452
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 23:53:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 23:53:25 GMT
last-modified: Mon, 31 Jul 2023 11:09:58 GMT
content-type: image/gif
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
content-length: 1845330
x-xss-protection: 0
server: sffe

GET
H/1.1 404
Not Found whatsapp.gif
www.g500on.cfd.unogg168.web.id/img/ 708 B
708 B 773ms
742ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/img/whatsapp.gif
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
103 KB 720ms
121ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DEMR8X28X3

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

14e4667fa31cc868619538a099a3d7399b9dcdbc5db99a19e5a56a38db81946c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 10:17:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104658
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 vs20olympgate.png
img.viva88athenae.com/pp/images/ 56 KB
56 KB 702ms
146ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20olympgate.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ab9c9a9999d06d05341d75f6f1b8e6f5e41c0becb44957ce917ef3485622c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decabfcfee463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=69541
alt-svc: h3=":443"; ma=86400
content-length: 57206
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20olympgate.webp"
vary: Accept
last-modified: Fri, 06 Oct 2023 04:58:39 GMT

GET
H2 200 vs20olympx.png
img.viva88athenae.com/pp/images/ 67 KB
67 KB 847ms
291ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20olympx.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf935748f02b0d97aa902f5e319c42a7318b6aee5f6d2b3a0b91de533c76107

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decabfcfde463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=95303
alt-svc: h3=":443"; ma=86400
content-length: 68522
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20olympx.webp"
vary: Accept
last-modified: Wed, 04 Dec 2024 05:56:12 GMT

GET
H2 200 vs20sugarrush.png
img.viva88athenae.com/pp/images/ 64 KB
65 KB 114ms
113ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20sugarrush.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a190432e0e3a321ab8cf5d7f501c5b383fefe28c106635723ebf6f5fcf46b3f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decae1ed6e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=78806
alt-svc: h3=":443"; ma=86400
content-length: 65918
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20sugarrush.webp"
vary: Accept
last-modified: Tue, 09 Jan 2024 04:24:15 GMT

GET
H2 200 vswayslions.png
img.viva88athenae.com/pp/images/ 29 KB
29 KB 146ms
146ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vswayslions.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae511e09295907e7399387c5edb476c424d3778daa280ed39e4327ef030470c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decae1ed8e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=30538
alt-svc: h3=":443"; ma=86400
content-length: 29840
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vswayslions.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:13:44 GMT

GET
H2 200 vs20gatotx.png
img.viva88athenae.com/pp/images/ 73 KB
73 KB 195ms
195ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20gatotx.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9c7e7fec1cfea805dcd69a6f0478eab548addc1ac634f30873e07cab1d12970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decaf0f56e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=99251
alt-svc: h3=":443"; ma=86400
content-length: 74984
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20gatotx.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 08:21:45 GMT

GET
H2 200 vs20fruitsw.png
img.viva88athenae.com/pp/images/ 63 KB
63 KB 267ms
209ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20fruitsw.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fd921eb9cd4824e65f7d0fd2af8ba42595223a6c874534b94440670f89dd07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bce3e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=86062
alt-svc: h3=":443"; ma=86400
content-length: 64370
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="vs20fruitsw.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 08:21:43 GMT

GET
H2 200 diaochan.png
img.viva88athenae.com/pg/images/ 20 KB
20 KB 266ms
209ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/diaochan.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a84eebf8d1f072d566e0d4d76dab431205e5135d5d3267c6c1d90a476de1a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bce6e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23112
alt-svc: h3=":443"; ma=86400
content-length: 20420
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="diaochan.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:32 GMT

GET
H2 200 gem-saviour.png
img.viva88athenae.com/pg/images/ 19 KB
19 KB 122ms
65ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/gem-saviour.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7523659539bc3e77c2e9c5dd33ed8f56cdbb46ba282d955dd950258d3e1db7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=21416
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="gem-saviour.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:34 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce7e463-OTP
accept-ranges: bytes
content-length: 19588
server: cloudflare

GET
H2 200 fortune-gods.png
img.viva88athenae.com/pg/images/ 19 KB
19 KB 158ms
102ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/fortune-gods.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedc45605094170cf6f90d6227d1816216504ad1ca8b26c38376ea61cab95010

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1643
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=21190
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="fortune-gods.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:33 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce8e463-OTP
accept-ranges: bytes
content-length: 19646
server: cloudflare

GET
H2 200 medusa2.png
img.viva88athenae.com/pg/images/ 23 KB
23 KB 192ms
138ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/medusa2.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f176c0cdf59b9f9b51893350da65675cb292b72f935a2012bd2183e54ed82f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=25571
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="medusa2.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:36 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce9e463-OTP
accept-ranges: bytes
content-length: 23580
server: cloudflare

GET
H2 200 medusa.png
img.viva88athenae.com/pg/images/ 20 KB
20 KB 158ms
105ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/medusa.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e43117ca573b423cc36d361a0eb652908f0af1a9532e4e2db658ee8edcbdf84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=22360
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="medusa.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:36 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bceae463-OTP
accept-ranges: bytes
content-length: 20244
server: cloudflare

GET
H2 200 wizdom-wonders.png
img.viva88athenae.com/pg/images/ 19 KB
19 KB 257ms
211ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/wizdom-wonders.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a84b9ef223533928ad19cf6ed510017edfffce1cb34c65b2d0efe58624be0d79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcebe463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=20898
alt-svc: h3=":443"; ma=86400
content-length: 19424
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="wizdom-wonders.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:30 GMT

GET
H2 200 SGWildFlow.png
img.viva88athenae.com/hb/images/circle/ 66 KB
66 KB 185ms
140ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGWildFlow.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d9eeae9527a77a615148c782df998cca89ccd1b3a55eb758a04db4b9941fef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcece463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=89386
alt-svc: h3=":443"; ma=86400
content-length: 67528
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGWildFlow.webp"
vary: Accept
last-modified: Tue, 12 Mar 2024 05:57:13 GMT

GET
H2 200 SGVampiresFate.png
img.viva88athenae.com/hb/images/circle/ 49 KB
50 KB 219ms
173ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGVampiresFate.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f77f8c57d107f06a4bc31e3e749fbe90d8ecb7c4e82b5fbd8e8fd3d3fb4fad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcede463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=59605
alt-svc: h3=":443"; ma=86400
content-length: 50614
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGVampiresFate.webp"
vary: Accept
last-modified: Fri, 01 Mar 2024 06:58:53 GMT

GET
H2 200 SGHotHotSummer.png
img.viva88athenae.com/hb/images/circle/ 61 KB
61 KB 296ms
256ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGHotHotSummer.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c789ee556c6356ddbea9d45bd7e7de3526b411bd73e95570d1e16c86fc6bc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ecfee463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=70589
alt-svc: h3=":443"; ma=86400
content-length: 62204
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGHotHotSummer.webp"
vary: Accept
last-modified: Tue, 13 Feb 2024 09:02:30 GMT

GET
H2 200 SGFruityMayan.png
img.viva88athenae.com/hb/images/circle/ 65 KB
65 KB 290ms
249ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGFruityMayan.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5fd7715aff3d238f458bb35c6fb19cb3ebe6bf524812fbd95f8f831441f5ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed00e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=87029
alt-svc: h3=":443"; ma=86400
content-length: 66332
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGFruityMayan.webp"
vary: Accept
last-modified: Tue, 16 Jan 2024 04:30:21 GMT

GET
H2 200 SGFruityHalloween.png
img.viva88athenae.com/hb/images/circle/ 71 KB
72 KB 289ms
249ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGFruityHalloween.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bf19455165ca0da37d00a9a7016ab19382df969f537c0267a5d83d340b032c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed01e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=90116
alt-svc: h3=":443"; ma=86400
content-length: 73124
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGFruityHalloween.webp"
vary: Accept
last-modified: Tue, 31 Oct 2023 09:27:01 GMT

GET
H2 200 SGSlimeParty.png
img.viva88athenae.com/hb/images/circle/ 60 KB
60 KB 291ms
253ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGSlimeParty.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f7270079111bfd4aad32fa4361bbdd26f315f8ee62aea8182b1b7d5fdf7221

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed02e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=78986
alt-svc: h3=":443"; ma=86400
content-length: 61550
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGSlimeParty.webp"
vary: Accept
last-modified: Wed, 18 Oct 2023 06:09:01 GMT

GET
H2

200

S-DW01.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg

16 KB
17 KB

776ms
210ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1040b4503c2191b346e3e9ae3a35ec8f6bdea62eb446e5f9aa5a556706e711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "658bdb7b-4091"
age: 58217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUexHyP5YzZlpCBdj%2FsjNtsoyEHFo%2FaFfbPiQlHChwqKApBCjAGce5Lw25H7ezRXR5amaWLO%2F%2BHVqrec4KIqECACvwjOZXpZwkhE9BA5O%2BGH8qzsPw6bE%2B2B5GrOxAQclrSEXKTRxS%2FoQl3aBwEr"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=42&recv=10&lost=0&retrans=0&sent_bytes=40989&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=0&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 27 Dec 2023 08:08:27 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fce467-OTP
accept-ranges: bytes
content-length: 16529
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-LK03.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg

35 KB
35 KB

967ms
402ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cd5103b615b93e648e926dfe8d3fbc537becb73c9351ce2411498ad12db0b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8a41"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ol2gFVUr9ShmThYQjqdvQQohk6mrLEhye67irCdTHpE4krbbb1faaEM6SKORo05VWB6P0WPL%2F4S2a1s%2FAveDBLcGy53Fc3YCziVD%2BovouHDbK2%2BjF8cXeSpoETUFktwlRNy1GXW3K5AUy8gco0%2Fz"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=190&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fee467-OTP
accept-ranges: bytes
content-length: 35393
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-RH02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg

33 KB
33 KB

967ms
401ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebdf80237b424500a180e3e9545c1108c56611011ec54517bc92568eeb133c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8299"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A03z3Fgigc83eSVFsW3SU0Bu%2Bm4FHv3cT44dmCs%2FRi3%2FxZCW%2FQNQM91mhESoZRzyr4VV60F0cXA5JVuZkvtK7YPmrXMni4Bi%2FEhvoqc5TeTd7n%2BFkT%2B10Xk2v3nzDNvAQX8a7R8wzpif8DWbOCa"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=42&recv=10&lost=0&retrans=0&sent_bytes=40989&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=17347&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fae467-OTP
accept-ranges: bytes
content-length: 33433
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-RK02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg

34 KB
35 KB

967ms
402ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec10b83050a6193164366aa440a5f8d6dac6043624f509acd528abc0d39ddae3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-882d"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZpESLZntswl7Ux1WGtcyhtotk6JYEoDiKQCzdKwLaJoik1DIMfB9Ss3efEiuEcnmoD8hPITH9nmNlPSzDxroYW%2Fog71de55dCEVDlvPMKgPd4%2FNwScojrNJtgbmBmdvCFiP2XB1EAzztS1%2BCA9J"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=190&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbaba02e467-OTP
accept-ranges: bytes
content-length: 34861
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-CG02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg

37 KB
38 KB

968ms
402ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b175c69392e9610594de0ab3c4fa3a9513313942f3a95245d24ff5c6ca6ce6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "64d19e7f-9500"
age: 58217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZimkGlzopsrorRDKGjjI9%2BLqbGaJRuQ3DrLo4TBDFMWKCPVQaKf6SzaOrar8Q5OllpaRCVpr34csJj81zpzW7lkS5PWMZDeBNUYLL75fROkB%2BDB0xmmANeiT8t%2Bee7gqmHv85eFeZwP0Pjs1WFv"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 08 Aug 2023 01:46:39 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbaba00e467-OTP
accept-ranges: bytes
content-length: 38144
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-PW03.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg

35 KB
36 KB

667ms
102ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676d120d172dd00e4694ce12ddd396ab9441b0c3d26a66e6bfb8293e91d9cf96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8b67"
age: 58228
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BlQpf3kgcEyHWoWLBWrB9%2F7Es04QB%2BjL9MVo0AqRHyvYZv4fh6AElrKIz095dOhmnd1ER1GGjcwZ36SgWBp0hDbHUxnebMo%2FwuJzpaUvRGdMqft5WMawkSQvAOVtrGjjUhy5daAB0dbSmKQActX"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3936&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=0&cid=611cfd099e50ab8d&ts=188&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9f9e467-OTP
accept-ranges: bytes
content-length: 35687
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
Non-Authoritative-Reason: DNS

GET
H/1.1 200
OK wixa8wsu4de7c.png
img.qiangmingbao.net/gameimages/landscape/ 74 KB
75 KB 2344ms
401ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/wixa8wsu4de7c.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: d9af82474404ae999509960540473b4b6fe3499e715a4467b150e4f7ce008b82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "e21e7f767ae8a3c7543c1a092da1dae8"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: K5buLHa5ayBvZwwWa0VvX4hQPML86eEmFHpT0EzY-eUUEBGtvULT3A==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: d9af82474404ae999509960540473b4b6fe3499e715a4467b150e4f7ce008b82
Last-Modified: Mon, 04 Mar 2024 09:03:09 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231004T073013Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 75980
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK f1hywikkjprr1.png
img.qiangmingbao.net/gameimages/landscape/ 83 KB
84 KB 2268ms
402ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/f1hywikkjprr1.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: cdedd3079cda5eb76abdb54800b29dc21a24bbf688637fc45658dac7c86757e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "5264f6bafb32ff435ad105ca504c470e"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: W9KCwRXBiMSBqkvvnQIpOMUjuAVHX3ZNLTRYY0LRdwvjb9uXakV-5w==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: cdedd3079cda5eb76abdb54800b29dc21a24bbf688637fc45658dac7c86757e2
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231215T024956Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 85076
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ysj1ghuuqbazc.png
img.qiangmingbao.net/gameimages/landscape/ 80 KB
81 KB 2268ms
402ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/ysj1ghuuqbazc.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: e3eff9d210c9b8e2ab65d6d2eafab66dff7bd2c01a0c574133cea76ffb82e00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "d812bed9e0326855ad5e1cb7d6f9867b"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: WWYtkFSPe2db8axGFzHUHoXaVCy7gJfig5NYHLsC9OiGhLa3rE1whQ==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: e3eff9d210c9b8e2ab65d6d2eafab66dff7bd2c01a0c574133cea76ffb82e00d
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231213T073432Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 81803
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK jxcs1pbifei1o.png
img.qiangmingbao.net/gameimages/landscape/ 84 KB
85 KB 1516ms
401ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/jxcs1pbifei1o.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: 67be67cc4fd9db44372239a8ea5fc07095722bafa29e57229ab20b7eebdb9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "422fa9305cc6d4738db2da61093786e5"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: ni4M2YCqXV-dgu1J-Y_0EjSFWNoOxg9-Au8Mov02F6Ucur3C5E4d8w==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: 67be67cc4fd9db44372239a8ea5fc07095722bafa29e57229ab20b7eebdb9d2a
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231214T100351Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 85835
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 1abm3a9yh8uqq.png
img.qiangmingbao.net/gameimages/landscape/ 82 KB
82 KB 1494ms
402ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/1abm3a9yh8uqq.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: c7943f023102af18c12250036088dcefe1d5f955765972d1f2036acab523464f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "bd158b12e4ad5ef53b26a53939cb5bb8"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: rBv3AWP3uBVGOHgJmST-2x_36gAzQEtZ3Kc3EmouRAVnp7DHl4Jdbg==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: c7943f023102af18c12250036088dcefe1d5f955765972d1f2036acab523464f
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231215T112344Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 83622
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ynknc6m6x7684.png
img.qiangmingbao.net/gameimages/landscape/ 78 KB
79 KB 1301ms
401ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/ynknc6m6x7684.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: fbef64d2867f18e33b9430b813ae93961ecf565dd5da9dfe7228907db9e63009

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "aa976cc192d3e6bcb4d778a9294150a6"
Age: 6302935
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:43 GMT
X-Cache: HIT
X-Amz-Cf-Id: sl8x8AUivqMoJp8GinPhg0S2a78Eshh3XOegehCUw_AWzx3-PQR96g==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
x-amz-meta-sha256: fbef64d2867f18e33b9430b813ae93961ecf565dd5da9dfe7228907db9e63009
Last-Modified: Thu, 16 Nov 2023 13:05:14 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231011T032744Z
Connection: keep-alive
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 79912
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H2

200

SMG_almightyZeusWilds.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png

91 KB
91 KB

1272ms
687ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f933f79a85c898d47d4679dbe3ca4cc8008c67c58731f91550b239c8c1781331

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "412e68929860da1:0"
cf-ray: 8f2decc1288cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92851
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:25:36 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_crazyRichTigers.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png

97 KB
97 KB

1326ms
741ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0268b8e9d84e82e5e12508d8ee42bf87987cdbd4005286cd799fb6a72092c95c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "f16e682b9960da1:0"
cf-ray: 8f2decc1288dc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99201
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:29:53 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_chroniclesOfOlympusIIZeus.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png

94 KB
95 KB

1442ms
857ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2da03dc2c83144a601ae50987e8e09e016a4a921167b755586ed421f767bf6fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "5431e5d2a943da1:0"
cf-ray: 8f2decc1288ac9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96624
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 09:46:02 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_fireAndRosesJollyJoker.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png

95 KB
95 KB

1326ms
741ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e1d6dc1fb1dce28020a92d2f89f93eaf0da3684614b1dc424a5771557e4f19e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "cb433a3daa43da1:0"
cf-ray: 8f2decc1288bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97162
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 09:49:01 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_goldBlitzExtreme.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png

105 KB
105 KB

616ms
607ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: beb2de5e526219d206a738f00445c1ebbe673ec646453d4334bf7c8ef40cd34d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "e83f6745ac43da1:0"
cf-ray: 8f2decc6e9bec9cf-OTP
expires: Mon, 16 Dec 2024 14:17:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 107417
date: Mon, 16 Dec 2024 10:17:40 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 10:03:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_miningPotsOfGold.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png

98 KB
98 KB

664ms
658ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1381de4140f90dcd7c7e839383719ece1a256ae6d12e6c6e9da7fea650264847

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "35e0a6d69960da1:0"
cf-ray: 8f2decc6e9bfc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99944
date: Mon, 16 Dec 2024 10:17:40 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:34:40 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
Non-Authoritative-Reason: DNS

GET
H2 200 2.png
img.viva88athenae.com/jl/images/ 22 KB
22 KB 285ms
215ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/2.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea37bf3e3d469a369e4a565577126849801d213e39e3640369f27c98bd7b8f2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed03e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=25719, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 22125
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 07:31:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 4.png
img.viva88athenae.com/jl/images/ 22 KB
23 KB 314ms
244ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/4.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ed87f4cbd36757e004a68209778835cdac1212ff483130797e6989e5fe0393

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed04e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=25840
alt-svc: h3=":443"; ma=86400
content-length: 22908
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="4.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:41 GMT

GET
H2 200 5.png
img.viva88athenae.com/jl/images/ 20 KB
20 KB 246ms
176ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/5.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd28c513ad9c9826fcd23d2a06281ade00d9fbb55e939a902c9782101970097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed05e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23249
alt-svc: h3=":443"; ma=86400
content-length: 20684
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="5.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:45 GMT

GET
H2 200 6.png
img.viva88athenae.com/jl/images/ 25 KB
25 KB 247ms
178ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/6.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a894ca4eb98b94dd64c4932a00556251a255d1eb577880df7cd2a98e2cb1b72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed06e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=28181, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 25773
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 07:31:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 9.png
img.viva88athenae.com/jl/images/ 25 KB
25 KB 284ms
214ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/9.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528f7fa864a82947b89c2af67290bdc7b54457a83ef89b5dea4e887820cb6b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed07e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=28570
alt-svc: h3=":443"; ma=86400
content-length: 25904
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="9.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:49 GMT

GET
H2 200 10.png
img.viva88athenae.com/jl/images/ 18 KB
18 KB 284ms
215ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/10.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a148a6403cfac93daca5103a58584b7373e4e532deec70f7d2a5fa8e7a068216

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed09e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=21217
alt-svc: h3=":443"; ma=86400
content-length: 18326
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="10.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:30:59 GMT

GET
H2 200 14091_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14091/ 29 KB
29 KB 7395ms
264ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14091/14091_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7c677bb947094453f01adc8c07141268f0118aeb353aea712372d885705a5183

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "66ea2630-748c"
age: 7440928
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:12:866871710
date: Sat, 21 Sep 2024 07:22:18 GMT
content-type: image/png
last-modified: Wed, 18 Sep 2024 01:00:32 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 9886403
timing-allow-origin: *
via: ens-cache8.l2de3[0,0,200-0,H], ens-cache17.l2de3[2,0], ens-cache4.de5[0,0,200-0,H], ens-cache6.de5[11,0]
ali-swift-global-savetime: 1726903338
x-swift-savetime: Mon, 25 Nov 2024 21:08:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386205e
content-length: 29836
server: Tengine

GET
H2 200 14090_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14090/ 34 KB
34 KB 7427ms
299ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14090/14090_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

872509d28d0e980320423b89fb35ecacff81bb9be80889f2e0b280d51c82a604

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-86e3"
age: 4783817
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:9:1145776565
date: Tue, 22 Oct 2024 01:27:29 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 11597642
timing-allow-origin: *
via: cache18.l2fr1[0,0,200-0,H], cache5.l2fr1[1,0], ens-cache6.de5[0,8,200-0,H], ens-cache6.de5[14,0]
ali-swift-global-savetime: 1729560449
x-swift-savetime: Fri, 06 Dec 2024 19:53:27 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386182e
content-length: 34531
server: Tengine

GET
H2 200 14089_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14089/ 33 KB
34 KB 7423ms
300ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14089/14089_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

74a8b1968bf8bca40ecfbf6549c6c399e3143e14d0024bffd51f4a4b04c5119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-853c"
age: 4781334
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:11:594026784
date: Tue, 22 Oct 2024 02:08:52 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 10791141
timing-allow-origin: *
via: ens-cache2.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache12.de5[0,7,200-0,H], ens-cache6.de5[29,0]
ali-swift-global-savetime: 1729562932
x-swift-savetime: Mon, 16 Dec 2024 04:36:31 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386187e
content-length: 34108
server: Tengine

GET
H2 200 14086_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14086/ 36 KB
36 KB 7342ms
226ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14086/14086_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6e08483bc3be8ea7f9f047a74339d2ce41e15406b046a8aae565574de8e56313

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-8e67"
age: 4783817
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:11:674779186
date: Tue, 22 Oct 2024 01:27:29 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 12130239
timing-allow-origin: *
via: cache13.l2fr1[0,0,200-0,H], cache38.l2fr1[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache6.de5[11,0]
ali-swift-global-savetime: 1729560449
x-swift-savetime: Sat, 30 Nov 2024 15:56:50 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386212e
content-length: 36455
server: Tengine

GET
H2 200 14087_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14087/ 25 KB
25 KB 7373ms
262ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14087/14087_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7a10c5720d463fab133069ca3b9cca667989feb341c55f901c7a67ba59f96372

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-6482"
age: 4781334
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:12:38420525
date: Tue, 22 Oct 2024 02:08:52 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 14395793
timing-allow-origin: *
via: ens-cache9.l2de3[0,0,200-0,H], ens-cache2.l2de3[2,0], ens-cache10.de5[0,0,200-0,H], ens-cache6.de5[11,0]
ali-swift-global-savetime: 1729562932
x-swift-savetime: Mon, 04 Nov 2024 11:18:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386200e
content-length: 25730
server: Tengine

GET
H2 200 14085_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14085/ 26 KB
27 KB 7297ms
189ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14085/14085_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

def4ce81ae76f3d11f3a12a52bf0f4c4536b37614bab2edce5d3eadc00c4a711

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-687e"
age: 4783818
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_HIT dirn:12:64344076
date: Tue, 22 Oct 2024 01:27:28 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 12889057
timing-allow-origin: *
via: cache23.l2fr1[0,0,200-0,H], cache24.l2fr1[1,0], ens-cache4.de5[0,0,200-0,H], ens-cache6.de5[9,0]
ali-swift-global-savetime: 1729560448
x-swift-savetime: Thu, 21 Nov 2024 21:09:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442668386192e
content-length: 26750
server: Tengine

GET
H2 200 icon_10001_200x200_bkg_EN.jpg
game.thbinn.online/icon/10001/200x200/ 22 KB
22 KB 1885ms
1248ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10001/200x200/icon_10001_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e35251d6654086ffa067cde149a004bec4da189a792d43fa6b86569f032a5fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643cd8be-1a67a"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=108154
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 05:27:26 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccaff7e0538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22228
server: cloudflare

GET
H2 200 icon_10002_200x200_bkg_EN.jpg
game.thbinn.online/icon/10002/200x200/ 19 KB
20 KB 1737ms
1179ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10002/200x200/icon_10002_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554a55ee4610693a930ca8af518ed0cf4281d8a458390f1e3f57c2e3472d154a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca91a-78de"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=30942
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccaff7f0538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19849
server: cloudflare

GET
H2 200 icon_19001_200x200_bkg_EN.jpg
game.thbinn.online/icon/19001/200x200/ 24 KB
24 KB 1085ms
1084ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19001/200x200/icon_19001_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ced59147d0e22f6e9c7d443b74087181faa8d7309fccab4875fdbc66fbfd7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca911-93a4"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=37796
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:01 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f950538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24070
server: cloudflare

GET
H2 200 icon_19002_200x200_bkg_EN.jpg
game.thbinn.online/icon/19002/200x200/ 25 KB
25 KB 1260ms
1259ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19002/200x200/icon_19002_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c5d04eb7e176102414247143e08fe742d63ad2b1f83b7a3fd5f510825707d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca90f-9fbc"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=40892
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:03:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f970538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25897
server: cloudflare

GET
H2 200 icon_10005_200x200_bkg_EN.jpg
game.thbinn.online/icon/10005/200x200/ 25 KB
26 KB 1191ms
1190ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10005/200x200/icon_10005_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3aa56fd6df7716aaf86dadb3bd94dad64f39f6eadc1df87edfcbe3b35ff2af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca91e-9af4"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=39668
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:14 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f980538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25971
server: cloudflare

GET
H2 200 icon_19003_200x200_bkg_EN.jpg
game.thbinn.online/icon/19003/200x200/ 27 KB
27 KB 1230ms
1229ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19003/200x200/icon_19003_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644da6a85bc4de667c5243374ccfd1730df89f1865dd5bf80ee53b884f69593d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca912-a93c"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=43324
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f990538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27848
server: cloudflare

GET
H2 200 Age%20of%20the%20Gods%20God%20of%20Storms%20III.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 119 KB
120 KB 1714ms
1111ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Age%20of%20the%20Gods%20God%20of%20Storms%20III.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c534f17f7f6514855e3b8091e82f321c0cafd1a6ae77dc6ba8b39d80405a8db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "286fa45283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FguaCZLZ5giwt2OCdT%2FfUXfPbPdSHauZHaMOYBUBpHvUidhGwfWZZ50ZyvsB5WsE8BTqrzDfQmRgA1IbupRAUM57CrUiN4GYDNjXni0Ds%2BJfyA241nh23FFZFSKZREmKJAHQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decceee44e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=27394&min_rtt=26521&rtt_var=4783&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3993&recv_bytes=2813&delivery_rate=144681&cwnd=253&unsent_bytes=0&cid=34c8ac69e026825e&ts=1217&x=0"
content-length: 121735
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:25 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Divine%209.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 86 KB
87 KB 1854ms
1252ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Divine%209.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c2f0664f5df5358ec469df522b81e6098582c650361755985c0bf140e7ef8d4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2480db5283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bd75Cc%2FARhwSxlkLidOnOCCP7JSDZMvCJ6JtbG5bpzvFVABK%2BzwxZ2osGLwZJasWZHAHHrBzX29thmYGh%2BV6%2FpUv8OZZ7ap088wi45qcp0WyrBPa0MUH%2BaPOi4IW2FVTPzxQNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decceee42e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=27394&min_rtt=26521&rtt_var=4783&sent=48&recv=11&lost=0&retrans=0&sent_bytes=49049&recv_bytes=2813&delivery_rate=144681&cwnd=253&unsent_bytes=3609&cid=34c8ac69e026825e&ts=1219&x=0"
content-length: 88540
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Lock%20&%20Hit%20Red%20Knight.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 110 KB
111 KB 1115ms
1113ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Lock%20&%20Hit%20Red%20Knight.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 332a837ede916219ee9bf2d600c6577f5f0f1db95dd8f9f53e762252f982c3b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "abe9335383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTMoH0UsA7Q1lP9D6Hn%2Bl79mA%2Blzz%2F0kuryrCH6OtW%2FRsb1CWZy9WGherThvM7AP9%2Baada6ME0u2N3oXsnY8ZCHwSB0tZhzqeV%2Bc2LRdrMJwu%2BM1Va6Xs4mGha2RNjQfQGsgbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c79e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=216&recv=62&lost=0&retrans=0&sent_bytes=265199&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1810&x=0"
content-length: 112976
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Hit%20Bar%20Gold.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 159 KB
159 KB 1114ms
1112ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Hit%20Bar%20Gold.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9c2e164067aa0ae27eda68953a52b02f17869b82a5235c4843be53055948c902

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "af6f65383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi%2B1HhpkZFqBdKhsAUQwpXQor7ro3dVcndMrCU9Fbvg2LLtERdQfSNuUrz8nyWX8m3T87ttD30vorn1%2Bc5888PAYKc7LM1CbuRxHtjpYa5pyxWYgAeNu%2FcJ2fooTsLr4ssQfcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7ae4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=178&recv=62&lost=0&retrans=0&sent_bytes=217435&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1808&x=0"
content-length: 162439
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Ready%20to%20Blow%20Thundershots.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 116 KB
117 KB 1149ms
1147ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Ready%20to%20Blow%20Thundershots.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 474ac05ab8926870ec4fe034227e2e85fa05144f5e2393be074b3ccf663fb565

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f4d555383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OaDW7dsML%2Fz35dE2ff5QieGfChGTu2C7bZM4xtIS0IcXaiAYF6Tux4TXKQ4QR8ri%2BXDaGhabzlAaBWK3tDIA0RZxLeqkcADaC%2B0l2lEEDS3c1ouh%2BfKi4c%2B4LJDvaeS8SoErdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7be4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=279&recv=62&lost=0&retrans=0&sent_bytes=344259&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1817&x=0"
content-length: 118633
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Buffalo%20Blitz%20Mega%20Merge.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 146 KB
146 KB 1146ms
1144ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Buffalo%20Blitz%20Mega%20Merge.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2fad1f507ab29cbc17faa1416ed58ffb2a7d3a09efb9fbde5266789ddb30dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "e960cf5283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdnmZOI6Fulf6thT8bZY29ckccQkslmeX0hhdFgTgp%2FzHvl8Q50VE8DHCwtBRZ8b%2FRz0HXWAIr8qhaa5lYs3IQIrgSDQFvl8kdgbaXbK0x4GrCv1oAD6b5L81x8UM34SfTePqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7de4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=254&recv=62&lost=0&retrans=0&sent_bytes=312946&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1814&x=0"
content-length: 149307
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 404
Not Found 5006.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 462ms
461ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5006.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5008.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 847ms
847ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5008.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5009.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 366ms
366ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5009.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5013.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 520ms
518ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5013.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5014.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 521ms
520ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5014.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5027.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 522ms
520ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5027.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: text/html
Connection: Keep-Alive

GET
H2 200 monkeyscrolls.png
file.32828a.com/images/MD/PN/en-US/ 111 KB
111 KB 119ms
115ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/monkeyscrolls.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1d9fbdfbb4d4b561511f16aa2b67a3b4ca2beb0d55daa958e29c4800faed1c37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "0d9c5b8921bda1:0"
cf-ray: 8f2decd7d851c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113362
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2023 09:19:54 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 legacyofdynasties.png
file.32828a.com/images/MD/PN/en-US/ 106 KB
106 KB 369ms
366ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/legacyofdynasties.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6e9105ca0c7775fcfd53e25f729cfd79f2f1b408bdf95ede483ee19a07d466f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "0762ff3921bda1:0"
cf-ray: 8f2decd7d852c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108318
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2023 09:21:32 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sherwoodgold.png
file.32828a.com/images/MD/PN/en-US/ 106 KB
106 KB 368ms
364ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/sherwoodgold.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c8daef8e2635af89aa5651dfc84b1a2e2fd99455390da3850a32e0883d19e13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "0a61ce0921bda1:0"
cf-ray: 8f2decd7d853c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108602
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2023 09:21:00 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 laschristmas.png
file.32828a.com/images/MD/PN/en-US/ 119 KB
119 KB 333ms
330ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/laschristmas.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8005b566a540489858728150e487632846c78102509d4ee7c43e89db4b830b8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "073737931bda1:0"
cf-ray: 8f2decd7d854c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121948
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2023 09:22:06 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gargantoonz.png
file.32828a.com/images/MD/PN/en-US/ 115 KB
116 KB 368ms
365ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/gargantoonz.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e6fb78523303040ab8969ff1ceb9fc7deb74782eb7f456462b54b3d82d0d47c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "0629014931bda1:0"
cf-ray: 8f2decd7d855c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 118131
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2023 09:22:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 piggyblitz.png
file.32828a.com/images/MD/PN/en-US/ 91 KB
91 KB 363ms
360ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PN/en-US/piggyblitz.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4412698ddcc3c92787402e53649adc75e93bc40c9d3a18cacaa3449c5b03c237

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "262eb88b90dcd91:0"
cf-ray: 8f2decd7d856c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92702
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Fri, 01 Sep 2023 04:55:36 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880003.png
file.32828a.com/images/MD/YD/en-US/ 127 KB
127 KB 334ms
330ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880003.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36a7fee233fdff4eb0e17782b44e69f31bc054cc75ce22a7e70c5fec3fe57898

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "a2f2e2786ab0d71:0"
cf-ray: 8f2decd7d858c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 129934
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880009.png
file.32828a.com/images/MD/YD/en-US/ 111 KB
111 KB 335ms
332ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880009.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09f43420ad7491870dc980c2ab7b56bb3c110f1e67c2da25f902130cc3446b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "46c192786ab0d71:0"
cf-ray: 8f2decd7d859c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113799
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880010.png
file.32828a.com/images/MD/YD/en-US/ 107 KB
107 KB 294ms
291ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880010.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 42f0b965c267c0c7f1c85f2d2933b3503d3fbd2941af0df89381b9d4bc8f370c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "af309c786ab0d71:0"
cf-ray: 8f2decd7d85bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109412
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880011.png
file.32828a.com/images/MD/YD/en-US/ 99 KB
99 KB 255ms
252ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880011.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 23944860300a6ddadf40365229ed9c8cdcef46e00118ea2f39e0ab8ca3ea4d4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "861aa4786ab0d71:0"
cf-ray: 8f2decd7d85cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101192
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880013.png
file.32828a.com/images/MD/YD/en-US/ 94 KB
95 KB 334ms
331ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880013.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 518876ee0bc7b4faff39a791f8002d590de00f36c1bc51448fbe76f89234bbfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "03cad786ab0d71:0"
cf-ray: 8f2decd7e865c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96699
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880014.png
file.32828a.com/images/MD/YD/en-US/ 117 KB
117 KB 369ms
366ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880014.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd6176ed45d40b4a3014fda5fbb1ef2a5664e916f5708caf89878cd3ea863353

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "c7ccb1786ab0d71:0"
cf-ray: 8f2decd7e866c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119837
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Egypt_Gods.png
file.32828a.com/images/MD/EP/en-US/ 212 KB
212 KB 622ms
619ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Egypt_Gods.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 57f11ab0d9eff8be0726b35a3caf2682444d644529c20eb385f9f637b229949c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "75b92a69b690d61:0"
cf-ray: 8f2decd7e867c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 216649
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Basketball.png
file.32828a.com/images/MD/EP/en-US/ 41 KB
41 KB 628ms
626ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Basketball.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3df9a31c64c787f9855f955ed75d6a1001dbf90ec66e6694a7678147f2bf5ede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "5ece6269b690d61:0"
cf-ray: 8f2decd7e868c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41665
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:18 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Talismans_of_Fortune.png
file.32828a.com/images/MD/EP/en-US/ 39 KB
39 KB 372ms
369ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Talismans_of_Fortune.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0463efa6e6724ba9625efcfb1277cfde110e6be801211653c2afce0fb99b3344

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "985269b690d61:0"
cf-ray: 8f2decd7e869c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40046
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 The_Great_Wall_Treasure.png
file.32828a.com/images/MD/EP/en-US/ 51 KB
51 KB 369ms
366ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/The_Great_Wall_Treasure.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a6b7c818e3421152237a822ce764553b21b8fcb8acf08d5caa4af6775bd2bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "eab75569b690d61:0"
cf-ray: 8f2decd7e86ac9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51997
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Robin_Hood.png
file.32828a.com/images/MD/EP/en-US/ 45 KB
45 KB 330ms
328ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Robin_Hood.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0b33e2e32774c3daa96575b4d0b38fd679b17a1290cb046bc4a6ac107e26872

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "ebc44969b690d61:0"
cf-ray: 8f2decd7e86bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45819
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Chinese_New_Year.png
file.32828a.com/images/MD/EP/en-US/ 57 KB
57 KB 609ms
607ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Chinese_New_Year.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01afeb56aa9c9c193074fc792eece2e01c5220a6b38faedb91b9f92f5563efcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "bbda2569b690d61:0"
cf-ray: 8f2decd7e86cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58490
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 1.png
img.viva88athenae.com/cq9/images/ 20 KB
20 KB 309ms
247ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/1.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f72bf3463ea18fde96f022d0035462d75535d2cf61e2379ef50b284e72d11f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0be463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=21339
alt-svc: h3=":443"; ma=86400
content-length: 20304
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="1.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:28 GMT

GET
H2 200 10.png
img.viva88athenae.com/cq9/images/ 26 KB
26 KB 277ms
215ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/10.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 807e231346e1868c244d20ec3ea698d7e2bb74bb83452822bd4cda6221ce80df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0de463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=27052
alt-svc: h3=":443"; ma=86400
content-length: 26790
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="10.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:02:55 GMT

GET
H2 200 111.png
img.viva88athenae.com/cq9/images/ 18 KB
19 KB 277ms
216ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/111.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b809d4ccaa869b336febfb09e60b7a4b1620a02b9f8846825aa1ad17e1c2550b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0ee463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=19906
alt-svc: h3=":443"; ma=86400
content-length: 18922
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="111.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 113.png
img.viva88athenae.com/cq9/images/ 23 KB
23 KB 275ms
213ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/113.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9438b3dd72954d1290759ed443bb4776bb3bec14316ab91a3b8b271e5c8a7b69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed10e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23946
alt-svc: h3=":443"; ma=86400
content-length: 23290
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="113.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 115.png
img.viva88athenae.com/cq9/images/ 22 KB
22 KB 278ms
217ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/115.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a52b02930abaec0471b8acf8833346c52d48c20666d8ed0c38d6178dcf58224

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed12e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23974
alt-svc: h3=":443"; ma=86400
content-length: 22876
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="115.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 117.png
img.viva88athenae.com/cq9/images/ 24 KB
25 KB 276ms
216ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/117.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc3fccce1f26593d0d4cdb27d1038ad09f4ea2c98a42ceab81e78fca8082f60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed13e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=25880, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 24940
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Fri, 04 Nov 2022 11:03:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 PSS-ON-00155.png
file.32828a.com/images/MD/PS/en-US/ 94 KB
94 KB 366ms
364ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00155.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b8a16e418af08fe9fe916515e4a57c68413d3d3bf00b5db781bf00953f8c3b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "5f3c9143a676da1:0"
cf-ray: 8f2decd7e86dc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96289
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Fri, 15 Mar 2024 06:59:03 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00146.png
file.32828a.com/images/MD/PS/en-US/ 31 KB
31 KB 365ms
363ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00146.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea31676bac344318cee7d79160af2ff5d4e856c413fe63269b4234319149105e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "822cae774aada1:0"
cf-ray: 8f2decd7e86ec9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31260
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 May 2024 05:16:44 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00141.png
file.32828a.com/images/MD/PS/en-US/ 82 KB
82 KB 367ms
365ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00141.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 53ffd11d1e84e9d56b32c247aaa74ed0182a63e8a388b20d371ab5d106c9582a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "90d6c8a29c93d91:0"
cf-ray: 8f2decd7e870c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84026
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Wed, 31 May 2023 08:48:13 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00025.png
file.32828a.com/images/MD/PS/en-US/ 122 KB
123 KB 368ms
366ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00025.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 027846113da10b1e0d593d8b0b43e63ff1ada1f037b6179aee49ccd252fc53db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "67f5efa29c93d91:0"
cf-ray: 8f2decd7e871c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 125290
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Wed, 31 May 2023 08:48:14 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00147.png
file.32828a.com/images/MD/PS/en-US/ 30 KB
30 KB 369ms
367ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00147.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 811073ac2db66bc94a606c0ea6f888a735674e97f4d3579cbfd22b1b683c6f9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "ce59c9e774aada1:0"
cf-ray: 8f2decd7e872c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30800
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 May 2024 05:16:44 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00148.png
file.32828a.com/images/MD/PS/en-US/ 24 KB
24 KB 366ms
364ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00148.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cdc8fae8291d737d559b642cd5c2db9f7cb6f16bde53fe7f33f7a64cfccd2f64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "a7ed2da75ef7d91:0"
cf-ray: 8f2decd7e874c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24482
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 05 Oct 2023 07:36:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 404
Not Found royalbaccarat.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 439ms
439ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalbaccarat.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found royalroulette.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 375ms
374ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalroulette.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:43 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found royalsicbo.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 433ms
433ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalsicbo.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:43 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found royalblackjack.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 434ms
434ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalblackjack.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:43 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found royal5boxbj.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 426ms
426ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royal5boxbj.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:43 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found dragonbonus.png
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 633ms
632ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/dragonbonus.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:43 GMT
content-type: text/html
Connection: Keep-Alive

GET 2019102922541993154.png
line.ppprrp.com/global/files/images/ 0
0

GET 2019102922495611028.png
line.ppprrp.com/global/files/images/ 0
0

GET 2019102922452490974.png
line.ppprrp.com/global/files/images/ 0
0

GET 2023032406002771377.png
line.ppprrp.com/global/files/images/ 0
0

GET 2023032406015231827.png
line.ppprrp.com/global/files/images/ 0
0

GET 2019091023314111296.png
line.ppprrp.com/global/files/images/ 0
0

GET
H2 200 _facebook_icon-icons.com_65786.png
cdn.icon-icons.com/icons2/800/PNG/512/ 35 KB
35 KB 925ms
311ms Image
image/png 172.67.72.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/800/PNG/512/_facebook_icon-icons.com_65786.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a4df6008aa45a797a041fff9daaede51e234b8460a7ef0607a962a6a9b2a3ca4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: MISS
etag: "5771749b-8bab"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bs25FPgjClZKYLaJnP8vezpBdiF9OT%2F2dq9c%2Bqnxekibff5Q9YEBSMPo%2BB416t96sTTOETpsoY0B5naqA63zPMDpopgpMm52k5%2FFEZzXKrpBCKUzfMm4zQXT2TTNWlZMv7FZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 15 Jan 2025 10:17:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26521&min_rtt=26029&rtt_var=4938&sent=34&recv=11&lost=0&retrans=0&sent_bytes=30989&recv_bytes=2468&delivery_rate=141063&cwnd=254&unsent_bytes=0&cid=9425cb069b698338&ts=318&x=0"
date: Mon, 16 Dec 2024 10:17:44 GMT
content-type: image/png
last-modified: Mon, 27 Jun 2016 18:46:51 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2dece25e5ee4af-OTP
accept-ranges: bytes
content-length: 35755
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 instagram_like_heart_love_icon_181629.png
cdn.icon-icons.com/icons2/2857/PNG/512/ 180 KB
181 KB 998ms
384ms Image
image/png 172.67.72.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/2857/PNG/512/instagram_like_heart_love_icon_181629.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ec5e050cb8eafb6cac369481c6dc533083385616ce0d41656f4ad9034a4b4274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: MISS
etag: "602ec7d3-2cf78"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRI4924LXyEHEWkn0GTuyTGOlFkzuXEa%2B38BDFA5CPfTEsvgSZ%2FurqoUmimpvcp7OyorQ9qQIatX2DpDbmC2LfzhkeRw9LTA3IoutwAbUu9mH5rsWTvgNSFgMVfBJjC5gKW9wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 15 Jan 2025 10:17:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26383&min_rtt=26029&rtt_var=206&sent=65&recv=24&lost=0&retrans=0&sent_bytes=64420&recv_bytes=2468&delivery_rate=1300530&cwnd=257&unsent_bytes=3340&cid=9425cb069b698338&ts=343&x=0"
date: Mon, 16 Dec 2024 10:17:44 GMT
content-type: image/png
last-modified: Thu, 18 Feb 2021 20:02:27 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2dece25e5de4af-OTP
accept-ranges: bytes
content-length: 184184
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 socialmedia_network_twitter_user_interface_icon_195641.png
cdn.icon-icons.com/icons2/3203/PNG/512/ 25 KB
26 KB 817ms
203ms Image
image/png 172.67.72.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/3203/PNG/512/socialmedia_network_twitter_user_interface_icon_195641.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0f88784b349e4f6d9bf7a9c340582e80f3682f19f85a27d16687c4ff48e573c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: MISS
etag: "617c1286-64b8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0WXCrwRI3o%2Bn5SQ%2B7LjTLQ3F%2F8uY9%2B2yVDw99cv5VWYStMR7fkAZvYaB93OVAPXUYBEh%2Fz2F2FIvmQZMNkzzOdUwSQvaYexZYZEc6h%2BL4MW8gS0Xbk3NhJu3dfh3CR2qgceVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 15 Jan 2025 10:17:44 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26521&min_rtt=26029&rtt_var=4938&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4007&recv_bytes=2468&delivery_rate=141063&cwnd=254&unsent_bytes=0&cid=9425cb069b698338&ts=314&x=0"
date: Mon, 16 Dec 2024 10:17:44 GMT
content-type: image/png
last-modified: Fri, 29 Oct 2021 15:25:58 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2dece25e5be4af-OTP
accept-ranges: bytes
content-length: 25784
x-powered-by: PleskLin
server: cloudflare

GET
H/1.1 200
OK dekstop.js Show response
www.g500on.cfd.unogg168.web.id/dekstop/bundles/ 916 KB
178 KB 954ms
950ms Script
text/javascript 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/dekstop.js
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 418030ca862fa0e3341895241c578389ee9d74517a3615cf618d93381618f0f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

content-encoding: gzip
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 182150
date: Mon, 16 Dec 2024 10:17:44 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 07:53:24 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.js Show response
www.g500on.cfd.unogg168.web.id/dekstop/bundles/Home/ 55 KB
11 KB 1016ms
1015ms Script
text/javascript 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/Home/dekstop.js
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 71dda9bc7e88b5dceef9edc6b222974508ab9b969995d8a1abdde6bf3aa110a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

content-encoding: gzip
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 11067
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 07:54:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK dekstop.js Show response
www.g500on.cfd.unogg168.web.id/dekstop/Content/Slots/ 95 KB
24 KB 865ms
865ms Script
text/javascript 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Slots/dekstop.js
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: ed9904faa4096611159e2580d887f5d9c85f65cb82d0328ef6236c9076ef58d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

content-encoding: gzip
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 24715
date: Mon, 16 Dec 2024 10:17:44 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 07:53:14 GMT
vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 591ms
72ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-eiKxDT5C' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-eiKxDT5C' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1348, tbw=2955, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: tdJBNZDK9os7pnneZLo4Qpx2x/a1138x6Lne6kidt2MVfkhqxu+FTV96s7iEyiXXVd365dxT+IfHceeuBJcP3A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 vs20olympgate.png
img.viva88athenae.com/pp/images/ 56 KB
0 36ms
36ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20olympgate.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ab9c9a9999d06d05341d75f6f1b8e6f5e41c0becb44957ce917ef3485622c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decabfcfee463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=69541
alt-svc: h3=":443"; ma=86400
content-length: 57206
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20olympgate.webp"
vary: Accept
last-modified: Fri, 06 Oct 2023 04:58:39 GMT

GET
H2 200 vs20olympx.png
img.viva88athenae.com/pp/images/ 67 KB
0 37ms
37ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20olympx.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf935748f02b0d97aa902f5e319c42a7318b6aee5f6d2b3a0b91de533c76107

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decabfcfde463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=95303
alt-svc: h3=":443"; ma=86400
content-length: 68522
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20olympx.webp"
vary: Accept
last-modified: Wed, 04 Dec 2024 05:56:12 GMT

GET
H2 200 vs20sugarrush.png
img.viva88athenae.com/pp/images/ 64 KB
0 38ms
38ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20sugarrush.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a190432e0e3a321ab8cf5d7f501c5b383fefe28c106635723ebf6f5fcf46b3f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decae1ed6e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=78806
alt-svc: h3=":443"; ma=86400
content-length: 65918
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20sugarrush.webp"
vary: Accept
last-modified: Tue, 09 Jan 2024 04:24:15 GMT

GET
H2 200 vswayslions.png
img.viva88athenae.com/pp/images/ 29 KB
0 52ms
52ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vswayslions.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae511e09295907e7399387c5edb476c424d3778daa280ed39e4327ef030470c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decae1ed8e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=30538
alt-svc: h3=":443"; ma=86400
content-length: 29840
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vswayslions.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:13:44 GMT

GET
H2 200 vs20gatotx.png
img.viva88athenae.com/pp/images/ 73 KB
0 53ms
53ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20gatotx.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9c7e7fec1cfea805dcd69a6f0478eab548addc1ac634f30873e07cab1d12970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decaf0f56e463-OTP
expires: Mon, 16 Dec 2024 14:17:35 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=99251
alt-svc: h3=":443"; ma=86400
content-length: 74984
date: Mon, 16 Dec 2024 10:17:35 GMT
content-type: image/webp
content-disposition: inline; filename="vs20gatotx.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 08:21:45 GMT

GET
H2 200 vs20fruitsw.png
img.viva88athenae.com/pp/images/ 63 KB
0 232ms
232ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pp/images/vs20fruitsw.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fd921eb9cd4824e65f7d0fd2af8ba42595223a6c874534b94440670f89dd07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bce3e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=86062
alt-svc: h3=":443"; ma=86400
content-length: 64370
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="vs20fruitsw.webp"
vary: Accept
last-modified: Tue, 01 Oct 2024 08:21:43 GMT

GET
H2 200 diaochan.png
img.viva88athenae.com/pg/images/ 20 KB
0 231ms
231ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/diaochan.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a84eebf8d1f072d566e0d4d76dab431205e5135d5d3267c6c1d90a476de1a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bce6e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23112
alt-svc: h3=":443"; ma=86400
content-length: 20420
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="diaochan.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:32 GMT

GET
H2 200 gem-saviour.png
img.viva88athenae.com/pg/images/ 19 KB
0 85ms
85ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/gem-saviour.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7523659539bc3e77c2e9c5dd33ed8f56cdbb46ba282d955dd950258d3e1db7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=21416
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="gem-saviour.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:34 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce7e463-OTP
accept-ranges: bytes
content-length: 19588
server: cloudflare

GET
H2 200 fortune-gods.png
img.viva88athenae.com/pg/images/ 19 KB
0 122ms
122ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/fortune-gods.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedc45605094170cf6f90d6227d1816216504ad1ca8b26c38376ea61cab95010

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1643
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=21190
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="fortune-gods.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:33 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce8e463-OTP
accept-ranges: bytes
content-length: 19646
server: cloudflare

GET
H2 200 medusa2.png
img.viva88athenae.com/pg/images/ 23 KB
0 158ms
158ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/medusa2.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f176c0cdf59b9f9b51893350da65675cb292b72f935a2012bd2183e54ed82f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=25571
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="medusa2.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:36 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bce9e463-OTP
accept-ranges: bytes
content-length: 23580
server: cloudflare

GET
H2 200 medusa.png
img.viva88athenae.com/pg/images/ 20 KB
0 125ms
125ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/medusa.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e43117ca573b423cc36d361a0eb652908f0af1a9532e4e2db658ee8edcbdf84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1291
expires: Mon, 16 Dec 2024 14:17:37 GMT
cf-polished: origFmt=png, origSize=22360
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="medusa.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:36 GMT
cache-control: public, max-age=14400
cf-ray: 8f2decb6bceae463-OTP
accept-ranges: bytes
content-length: 20244
server: cloudflare

GET
H2 200 wizdom-wonders.png
img.viva88athenae.com/pg/images/ 19 KB
0 231ms
231ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/pg/images/wizdom-wonders.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a84b9ef223533928ad19cf6ed510017edfffce1cb34c65b2d0efe58624be0d79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcebe463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=20898
alt-svc: h3=":443"; ma=86400
content-length: 19424
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="wizdom-wonders.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 13:10:30 GMT

GET
H2 200 SGWildFlow.png
img.viva88athenae.com/hb/images/circle/ 66 KB
0 159ms
159ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGWildFlow.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d9eeae9527a77a615148c782df998cca89ccd1b3a55eb758a04db4b9941fef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcece463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=89386
alt-svc: h3=":443"; ma=86400
content-length: 67528
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGWildFlow.webp"
vary: Accept
last-modified: Tue, 12 Mar 2024 05:57:13 GMT

GET
H2 200 SGVampiresFate.png
img.viva88athenae.com/hb/images/circle/ 49 KB
0 193ms
193ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGVampiresFate.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f77f8c57d107f06a4bc31e3e749fbe90d8ecb7c4e82b5fbd8e8fd3d3fb4fad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6bcede463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=59605
alt-svc: h3=":443"; ma=86400
content-length: 50614
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGVampiresFate.webp"
vary: Accept
last-modified: Fri, 01 Mar 2024 06:58:53 GMT

GET
H2 200 SGHotHotSummer.png
img.viva88athenae.com/hb/images/circle/ 61 KB
0 275ms
275ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGHotHotSummer.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c789ee556c6356ddbea9d45bd7e7de3526b411bd73e95570d1e16c86fc6bc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ecfee463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=70589
alt-svc: h3=":443"; ma=86400
content-length: 62204
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGHotHotSummer.webp"
vary: Accept
last-modified: Tue, 13 Feb 2024 09:02:30 GMT

GET
H2 200 SGFruityMayan.png
img.viva88athenae.com/hb/images/circle/ 65 KB
0 270ms
270ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGFruityMayan.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5fd7715aff3d238f458bb35c6fb19cb3ebe6bf524812fbd95f8f831441f5ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed00e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=87029
alt-svc: h3=":443"; ma=86400
content-length: 66332
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGFruityMayan.webp"
vary: Accept
last-modified: Tue, 16 Jan 2024 04:30:21 GMT

GET
H2 200 SGFruityHalloween.png
img.viva88athenae.com/hb/images/circle/ 71 KB
0 270ms
270ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGFruityHalloween.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bf19455165ca0da37d00a9a7016ab19382df969f537c0267a5d83d340b032c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed01e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=90116
alt-svc: h3=":443"; ma=86400
content-length: 73124
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGFruityHalloween.webp"
vary: Accept
last-modified: Tue, 31 Oct 2023 09:27:01 GMT

GET
H2 200 SGSlimeParty.png
img.viva88athenae.com/hb/images/circle/ 60 KB
0 273ms
273ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/hb/images/circle/SGSlimeParty.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f7270079111bfd4aad32fa4361bbdd26f315f8ee62aea8182b1b7d5fdf7221

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed02e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=78986
alt-svc: h3=":443"; ma=86400
content-length: 61550
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="SGSlimeParty.webp"
vary: Accept
last-modified: Wed, 18 Oct 2023 06:09:01 GMT

GET
H2

200

S-DW01.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg

16 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1040b4503c2191b346e3e9ae3a35ec8f6bdea62eb446e5f9aa5a556706e711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "658bdb7b-4091"
age: 58217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUexHyP5YzZlpCBdj%2FsjNtsoyEHFo%2FaFfbPiQlHChwqKApBCjAGce5Lw25H7ezRXR5amaWLO%2F%2BHVqrec4KIqECACvwjOZXpZwkhE9BA5O%2BGH8qzsPw6bE%2B2B5GrOxAQclrSEXKTRxS%2FoQl3aBwEr"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=42&recv=10&lost=0&retrans=0&sent_bytes=40989&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=0&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 27 Dec 2023 08:08:27 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fce467-OTP
accept-ranges: bytes
content-length: 16529
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-DW01.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-LK03.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg

35 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cd5103b615b93e648e926dfe8d3fbc537becb73c9351ce2411498ad12db0b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8a41"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ol2gFVUr9ShmThYQjqdvQQohk6mrLEhye67irCdTHpE4krbbb1faaEM6SKORo05VWB6P0WPL%2F4S2a1s%2FAveDBLcGy53Fc3YCziVD%2BovouHDbK2%2BjF8cXeSpoETUFktwlRNy1GXW3K5AUy8gco0%2Fz"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=190&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fee467-OTP
accept-ranges: bytes
content-length: 35393
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-LK03.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-RH02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg

33 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebdf80237b424500a180e3e9545c1108c56611011ec54517bc92568eeb133c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8299"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A03z3Fgigc83eSVFsW3SU0Bu%2Bm4FHv3cT44dmCs%2FRi3%2FxZCW%2FQNQM91mhESoZRzyr4VV60F0cXA5JVuZkvtK7YPmrXMni4Bi%2FEhvoqc5TeTd7n%2BFkT%2B10Xk2v3nzDNvAQX8a7R8wzpif8DWbOCa"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=42&recv=10&lost=0&retrans=0&sent_bytes=40989&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=17347&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9fae467-OTP
accept-ranges: bytes
content-length: 33433
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-RH02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-RK02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg

34 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec10b83050a6193164366aa440a5f8d6dac6043624f509acd528abc0d39ddae3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-882d"
age: 58229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZpESLZntswl7Ux1WGtcyhtotk6JYEoDiKQCzdKwLaJoik1DIMfB9Ss3efEiuEcnmoD8hPITH9nmNlPSzDxroYW%2Fog71de55dCEVDlvPMKgPd4%2FNwScojrNJtgbmBmdvCFiP2XB1EAzztS1%2BCA9J"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=190&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbaba02e467-OTP
accept-ranges: bytes
content-length: 34861
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-RK02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-CG02.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg

37 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b175c69392e9610594de0ab3c4fa3a9513313942f3a95245d24ff5c6ca6ce6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "64d19e7f-9500"
age: 58217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZimkGlzopsrorRDKGjjI9%2BLqbGaJRuQ3DrLo4TBDFMWKCPVQaKf6SzaOrar8Q5OllpaRCVpr34csJj81zpzW7lkS5PWMZDeBNUYLL75fROkB%2BDB0xmmANeiT8t%2Bee7gqmHv85eFeZwP0Pjs1WFv"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=48&recv=10&lost=0&retrans=0&sent_bytes=48961&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=21568&cid=611cfd099e50ab8d&ts=189&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Tue, 08 Aug 2023 01:46:39 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbaba00e467-OTP
accept-ranges: bytes
content-length: 38144
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-CG02.jpg
Non-Authoritative-Reason: DNS

GET
H2

200

S-PW03.jpg
api-egame-staging.sgplay.net/thumbnail/
Redirect Chain

http://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg

35 KB
0

0ms
0ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676d120d172dd00e4694ce12ddd396ab9441b0c3d26a66e6bfb8293e91d9cf96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: HIT
etag: "63181960-8b67"
age: 58228
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BlQpf3kgcEyHWoWLBWrB9%2F7Es04QB%2BjL9MVo0AqRHyvYZv4fh6AElrKIz095dOhmnd1ER1GGjcwZ36SgWBp0hDbHUxnebMo%2FwuJzpaUvRGdMqft5WMawkSQvAOVtrGjjUhy5daAB0dbSmKQActX"}],"group":"cf-nel","max_age":604800}
expires: Mon, 15 Dec 2025 18:07:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26163&min_rtt=26090&rtt_var=4252&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3936&recv_bytes=2551&delivery_rate=152898&cwnd=253&unsent_bytes=0&cid=611cfd099e50ab8d&ts=188&x=0"
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/jpeg
last-modified: Wed, 07 Sep 2022 04:09:04 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbab9f9e467-OTP
accept-ranges: bytes
content-length: 35687
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://api-egame-staging.sgplay.net/thumbnail/S-PW03.jpg
Non-Authoritative-Reason: DNS

GET
H/1.1 200
OK wixa8wsu4de7c.png
img.qiangmingbao.net/gameimages/landscape/ 74 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/wixa8wsu4de7c.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: d9af82474404ae999509960540473b4b6fe3499e715a4467b150e4f7ce008b82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "e21e7f767ae8a3c7543c1a092da1dae8"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: K5buLHa5ayBvZwwWa0VvX4hQPML86eEmFHpT0EzY-eUUEBGtvULT3A==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Mon, 04 Mar 2024 09:03:09 GMT
x-amz-meta-sha256: d9af82474404ae999509960540473b4b6fe3499e715a4467b150e4f7ce008b82
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231004T073013Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 75980
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK f1hywikkjprr1.png
img.qiangmingbao.net/gameimages/landscape/ 83 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/f1hywikkjprr1.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: cdedd3079cda5eb76abdb54800b29dc21a24bbf688637fc45658dac7c86757e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "5264f6bafb32ff435ad105ca504c470e"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: W9KCwRXBiMSBqkvvnQIpOMUjuAVHX3ZNLTRYY0LRdwvjb9uXakV-5w==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
x-amz-meta-sha256: cdedd3079cda5eb76abdb54800b29dc21a24bbf688637fc45658dac7c86757e2
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231215T024956Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 85076
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ysj1ghuuqbazc.png
img.qiangmingbao.net/gameimages/landscape/ 80 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/ysj1ghuuqbazc.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: e3eff9d210c9b8e2ab65d6d2eafab66dff7bd2c01a0c574133cea76ffb82e00d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "d812bed9e0326855ad5e1cb7d6f9867b"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: WWYtkFSPe2db8axGFzHUHoXaVCy7gJfig5NYHLsC9OiGhLa3rE1whQ==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
x-amz-meta-sha256: e3eff9d210c9b8e2ab65d6d2eafab66dff7bd2c01a0c574133cea76ffb82e00d
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231213T073432Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 81803
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK jxcs1pbifei1o.png
img.qiangmingbao.net/gameimages/landscape/ 84 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/jxcs1pbifei1o.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: 67be67cc4fd9db44372239a8ea5fc07095722bafa29e57229ab20b7eebdb9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "422fa9305cc6d4738db2da61093786e5"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: ni4M2YCqXV-dgu1J-Y_0EjSFWNoOxg9-Au8Mov02F6Ucur3C5E4d8w==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
x-amz-meta-sha256: 67be67cc4fd9db44372239a8ea5fc07095722bafa29e57229ab20b7eebdb9d2a
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231214T100351Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 85835
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 1abm3a9yh8uqq.png
img.qiangmingbao.net/gameimages/landscape/ 82 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/1abm3a9yh8uqq.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: c7943f023102af18c12250036088dcefe1d5f955765972d1f2036acab523464f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "bd158b12e4ad5ef53b26a53939cb5bb8"
Age: 6302950
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:28 GMT
X-Cache: HIT
X-Amz-Cf-Id: rBv3AWP3uBVGOHgJmST-2x_36gAzQEtZ3Kc3EmouRAVnp7DHl4Jdbg==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Wed, 24 Jan 2024 11:37:52 GMT
x-amz-meta-sha256: c7943f023102af18c12250036088dcefe1d5f955765972d1f2036acab523464f
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231215T112344Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 83622
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK ynknc6m6x7684.png
img.qiangmingbao.net/gameimages/landscape/ 78 KB
0 0ms
0ms Image
image/png 103.148.239.44
ANSPL-AS-AP Axclu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.qiangmingbao.net/gameimages/landscape/ynknc6m6x7684.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.148.239.44 , Singapore, ASN132337 (ANSPL-AS-AP Axclusive, SG),
Reverse DNS
Software: /
Resource Hash: fbef64d2867f18e33b9430b813ae93961ecf565dd5da9dfe7228907db9e63009

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

Access-Control-Max-Age: 31536000
X-CD-Ver: 202211
ETag: "aa976cc192d3e6bcb4d778a9294150a6"
Age: 6302935
Access-Control-Allow-Methods: GET
Expires: Sat, 04 Oct 2025 11:28:43 GMT
X-Cache: HIT
X-Amz-Cf-Id: sl8x8AUivqMoJp8GinPhg0S2a78Eshh3XOegehCUw_AWzx3-PQR96g==
Date: Mon, 16 Dec 2024 10:17:39 GMT
Content-Type: image/png
Last-Modified: Thu, 16 Nov 2023 13:05:14 GMT
x-amz-meta-sha256: fbef64d2867f18e33b9430b813ae93961ecf565dd5da9dfe7228907db9e63009
Access-Control-Allow-Headers: *
Cache-Control: max-age=31536000
x-amz-meta-s3b-last-modified: 20231011T032744Z
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 79912
X-Amz-Cf-Pop: SIN2-P3
x-amz-server-side-encryption: AES256

GET
H2

200

SMG_almightyZeusWilds.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png

91 KB
0

0ms
0ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f933f79a85c898d47d4679dbe3ca4cc8008c67c58731f91550b239c8c1781331

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "412e68929860da1:0"
cf-ray: 8f2decc1288cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92851
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:25:36 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_almightyZeusWilds.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_crazyRichTigers.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png

97 KB
0

1ms
1ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0268b8e9d84e82e5e12508d8ee42bf87987cdbd4005286cd799fb6a72092c95c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "f16e682b9960da1:0"
cf-ray: 8f2decc1288dc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99201
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:29:53 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_crazyRichTigers.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_chroniclesOfOlympusIIZeus.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png

94 KB
0

1ms
1ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2da03dc2c83144a601ae50987e8e09e016a4a921167b755586ed421f767bf6fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "5431e5d2a943da1:0"
cf-ray: 8f2decc1288ac9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96624
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 09:46:02 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_chroniclesOfOlympusIIZeus.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_fireAndRosesJollyJoker.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png

95 KB
0

0ms
0ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e1d6dc1fb1dce28020a92d2f89f93eaf0da3684614b1dc424a5771557e4f19e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "cb433a3daa43da1:0"
cf-ray: 8f2decc1288bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:39 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97162
date: Mon, 16 Dec 2024 10:17:39 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 09:49:01 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_fireAndRosesJollyJoker.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_goldBlitzExtreme.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png

105 KB
0

0ms
0ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: beb2de5e526219d206a738f00445c1ebbe673ec646453d4334bf7c8ef40cd34d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "e83f6745ac43da1:0"
cf-ray: 8f2decc6e9bec9cf-OTP
expires: Mon, 16 Dec 2024 14:17:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 107417
date: Mon, 16 Dec 2024 10:17:40 GMT
content-type: image/png
last-modified: Wed, 10 Jan 2024 10:03:33 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_goldBlitzExtreme.png
Non-Authoritative-Reason: DNS

GET
H2

200

SMG_miningPotsOfGold.png
file.32828a.com/images/MD/MP/en-US/
Redirect Chain

http://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png

98 KB
0

0ms
0ms

Image
image/png

104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1381de4140f90dcd7c7e839383719ece1a256ae6d12e6c6e9da7fea650264847

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "35e0a6d69960da1:0"
cf-ray: 8f2decc6e9bfc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99944
date: Mon, 16 Dec 2024 10:17:40 GMT
content-type: image/png
last-modified: Fri, 16 Feb 2024 05:34:40 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://file.32828a.com/images/MD/MP/en-US/SMG_miningPotsOfGold.png
Non-Authoritative-Reason: DNS

GET
H2 200 2.png
img.viva88athenae.com/jl/images/ 22 KB
0 268ms
268ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/2.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea37bf3e3d469a369e4a565577126849801d213e39e3640369f27c98bd7b8f2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed03e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=25719, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 22125
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 07:31:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 4.png
img.viva88athenae.com/jl/images/ 22 KB
0 296ms
296ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/4.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ed87f4cbd36757e004a68209778835cdac1212ff483130797e6989e5fe0393

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed04e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=25840
alt-svc: h3=":443"; ma=86400
content-length: 22908
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="4.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:41 GMT

GET
H2 200 5.png
img.viva88athenae.com/jl/images/ 20 KB
0 229ms
229ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/5.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd28c513ad9c9826fcd23d2a06281ade00d9fbb55e939a902c9782101970097

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed05e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23249
alt-svc: h3=":443"; ma=86400
content-length: 20684
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="5.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:45 GMT

GET
H2 200 6.png
img.viva88athenae.com/jl/images/ 25 KB
0 229ms
229ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/6.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a894ca4eb98b94dd64c4932a00556251a255d1eb577880df7cd2a98e2cb1b72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed06e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=28181, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 25773
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 07:31:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 9.png
img.viva88athenae.com/jl/images/ 25 KB
0 267ms
267ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/9.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528f7fa864a82947b89c2af67290bdc7b54457a83ef89b5dea4e887820cb6b22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed07e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=28570
alt-svc: h3=":443"; ma=86400
content-length: 25904
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="9.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:31:49 GMT

GET
H2 200 10.png
img.viva88athenae.com/jl/images/ 18 KB
0 269ms
269ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/jl/images/10.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a148a6403cfac93daca5103a58584b7373e4e532deec70f7d2a5fa8e7a068216

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed09e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=21217
alt-svc: h3=":443"; ma=86400
content-length: 18326
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="10.webp"
vary: Accept
last-modified: Mon, 11 Nov 2024 07:30:59 GMT

GET
H2 200 14091_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14091/ 29 KB
318 B 319ms
77ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14091/14091_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7c677bb947094453f01adc8c07141268f0118aeb353aea712372d885705a5183

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "66ea2630-748c"
age: 7440929
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Sat, 21 Sep 2024 07:22:18 GMT
last-modified: Wed, 18 Sep 2024 01:00:32 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 9886403
timing-allow-origin: *
via: ens-cache8.l2de3[0,0,200-0,H], ens-cache17.l2de3[2,0], ens-cache4.de5[0,0,304-0,H], ens-cache6.de5[5,0]
ali-swift-global-savetime: 1726903338
x-swift-savetime: Mon, 25 Nov 2024 21:08:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442670777490e
content-length: 29836
server: Tengine

GET
H2 200 14090_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14090/ 34 KB
188 B 353ms
76ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14090/14090_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

872509d28d0e980320423b89fb35ecacff81bb9be80889f2e0b280d51c82a604

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-86e3"
age: 4783818
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Tue, 22 Oct 2024 01:27:29 GMT
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 11597642
timing-allow-origin: *
via: cache18.l2fr1[0,0,200-0,H], cache5.l2fr1[1,0], ens-cache6.de5[0,0,304-0,H], ens-cache6.de5[6,0]
ali-swift-global-savetime: 1729560449
x-swift-savetime: Fri, 06 Dec 2024 19:53:27 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442671107690e
content-length: 34531
server: Tengine

GET
H2 200 14089_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14089/ 33 KB
154 B 354ms
76ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14089/14089_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

74a8b1968bf8bca40ecfbf6549c6c399e3143e14d0024bffd51f4a4b04c5119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-853c"
age: 4781335
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Tue, 22 Oct 2024 02:08:52 GMT
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 10791141
timing-allow-origin: *
via: ens-cache2.l2de3[0,0,200-0,H], ens-cache15.l2de3[1,0], ens-cache12.de5[0,0,304-0,H], ens-cache6.de5[7,0]
ali-swift-global-savetime: 1729562932
x-swift-savetime: Mon, 16 Dec 2024 04:36:31 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442671107695e
content-length: 34108
server: Tengine

GET
H2 200 14086_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14086/ 36 KB
148 B 310ms
108ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14086/14086_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6e08483bc3be8ea7f9f047a74339d2ce41e15406b046a8aae565574de8e56313

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-8e67"
age: 4783818
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Tue, 22 Oct 2024 01:27:29 GMT
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 12130239
timing-allow-origin: *
via: cache13.l2fr1[0,0,200-0,H], cache38.l2fr1[1,0], ens-cache5.de5[0,0,304-0,H], ens-cache6.de5[3,0]
ali-swift-global-savetime: 1729560449
x-swift-savetime: Sat, 30 Nov 2024 15:56:50 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442670377239e
content-length: 36455
server: Tengine

GET
H2 200 14087_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14087/ 25 KB
185 B 313ms
74ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14087/14087_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

7a10c5720d463fab133069ca3b9cca667989feb341c55f901c7a67ba59f96372

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-6482"
age: 4781335
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Tue, 22 Oct 2024 02:08:52 GMT
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 14395793
timing-allow-origin: *
via: ens-cache9.l2de3[0,0,200-0,H], ens-cache2.l2de3[2,0], ens-cache10.de5[0,0,304-0,H], ens-cache6.de5[4,0]
ali-swift-global-savetime: 1729562932
x-swift-savetime: Mon, 04 Nov 2024 11:18:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442670737458e
content-length: 25730
server: Tengine

GET
H2 200 14085_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14085/ 26 KB
172 B 309ms
143ms Image
image/png 163.181.92.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/14085/14085_en.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

def4ce81ae76f3d11f3a12a52bf0f4c4536b37614bab2edce5d3eadc00c4a711

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

etag: "6716f932-687e"
age: 4783819
access-control-allow-methods: GET, POST, OPTIONS
x-cache: HIT TCP_IMS_HIT dirn:-2:-2
date: Tue, 22 Oct 2024 01:27:28 GMT
last-modified: Tue, 22 Oct 2024 01:00:34 GMT
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
strict-transport-security: max-age=5184000; includeSubDomains
x-swift-cachetime: 12889057
timing-allow-origin: *
via: cache23.l2fr1[0,0,200-0,H], cache24.l2fr1[1,0], ens-cache4.de5[0,0,304-0,H], ens-cache6.de5[10,0]
ali-swift-global-savetime: 1729560448
x-swift-savetime: Thu, 21 Nov 2024 21:09:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
eagleid: a3b55c9a17343442670017059e
content-length: 26750
server: Tengine

GET
H2 200 icon_10001_200x200_bkg_EN.jpg
game.thbinn.online/icon/10001/200x200/ 22 KB
0 1ms
1ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10001/200x200/icon_10001_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e35251d6654086ffa067cde149a004bec4da189a792d43fa6b86569f032a5fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643cd8be-1a67a"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=108154
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 05:27:26 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccaff7e0538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22228
server: cloudflare

GET
H2 200 icon_10002_200x200_bkg_EN.jpg
game.thbinn.online/icon/10002/200x200/ 19 KB
0 1ms
1ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10002/200x200/icon_10002_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554a55ee4610693a930ca8af518ed0cf4281d8a458390f1e3f57c2e3472d154a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca91a-78de"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=30942
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccaff7f0538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19849
server: cloudflare

GET
H2 200 icon_19001_200x200_bkg_EN.jpg
game.thbinn.online/icon/19001/200x200/ 24 KB
0 1ms
1ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19001/200x200/icon_19001_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89ced59147d0e22f6e9c7d443b74087181faa8d7309fccab4875fdbc66fbfd7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca911-93a4"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=37796
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:01 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f950538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24070
server: cloudflare

GET
H2 200 icon_19002_200x200_bkg_EN.jpg
game.thbinn.online/icon/19002/200x200/ 25 KB
0 2ms
2ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19002/200x200/icon_19002_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c5d04eb7e176102414247143e08fe742d63ad2b1f83b7a3fd5f510825707d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca90f-9fbc"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=40892
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:03:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f970538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25897
server: cloudflare

GET
H2 200 icon_10005_200x200_bkg_EN.jpg
game.thbinn.online/icon/10005/200x200/ 25 KB
0 2ms
2ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/10005/200x200/icon_10005_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3aa56fd6df7716aaf86dadb3bd94dad64f39f6eadc1df87edfcbe3b35ff2af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca91e-9af4"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=39668
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:14 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f980538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25971
server: cloudflare

GET
H2 200 icon_19003_200x200_bkg_EN.jpg
game.thbinn.online/icon/19003/200x200/ 27 KB
0 3ms
2ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://game.thbinn.online/icon/19003/200x200/icon_19003_200x200_bkg_EN.jpg?1713448404
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644da6a85bc4de667c5243374ccfd1730df89f1865dd5bf80ee53b884f69593d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-bgj: imgq:85,h2pri
etag: "643ca912-a93c"
cf-cache-status: HIT
expires: Wed, 18 Dec 2024 10:17:41 GMT
cf-polished: degrade=85, origSize=43324
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Mon, 17 Apr 2023 02:04:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 8f2deccb2f990538-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27848
server: cloudflare

GET
H2 200 Age%20of%20the%20Gods%20God%20of%20Storms%20III.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 119 KB
0 14ms
13ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Age%20of%20the%20Gods%20God%20of%20Storms%20III.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c534f17f7f6514855e3b8091e82f321c0cafd1a6ae77dc6ba8b39d80405a8db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "286fa45283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FguaCZLZ5giwt2OCdT%2FfUXfPbPdSHauZHaMOYBUBpHvUidhGwfWZZ50ZyvsB5WsE8BTqrzDfQmRgA1IbupRAUM57CrUiN4GYDNjXni0Ds%2BJfyA241nh23FFZFSKZREmKJAHQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decceee44e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=27394&min_rtt=26521&rtt_var=4783&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3993&recv_bytes=2813&delivery_rate=144681&cwnd=253&unsent_bytes=0&cid=34c8ac69e026825e&ts=1217&x=0"
content-length: 121735
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:25 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Divine%209.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 86 KB
0 14ms
14ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Divine%209.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c2f0664f5df5358ec469df522b81e6098582c650361755985c0bf140e7ef8d4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2480db5283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bd75Cc%2FARhwSxlkLidOnOCCP7JSDZMvCJ6JtbG5bpzvFVABK%2BzwxZ2osGLwZJasWZHAHHrBzX29thmYGh%2BV6%2FpUv8OZZ7ap088wi45qcp0WyrBPa0MUH%2BaPOi4IW2FVTPzxQNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decceee42e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=27394&min_rtt=26521&rtt_var=4783&sent=48&recv=11&lost=0&retrans=0&sent_bytes=49049&recv_bytes=2813&delivery_rate=144681&cwnd=253&unsent_bytes=3609&cid=34c8ac69e026825e&ts=1219&x=0"
content-length: 88540
date: Mon, 16 Dec 2024 10:17:41 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Lock%20&%20Hit%20Red%20Knight.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 110 KB
0 14ms
14ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Lock%20&%20Hit%20Red%20Knight.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 332a837ede916219ee9bf2d600c6577f5f0f1db95dd8f9f53e762252f982c3b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "abe9335383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTMoH0UsA7Q1lP9D6Hn%2Bl79mA%2Blzz%2F0kuryrCH6OtW%2FRsb1CWZy9WGherThvM7AP9%2Baada6ME0u2N3oXsnY8ZCHwSB0tZhzqeV%2Bc2LRdrMJwu%2BM1Va6Xs4mGha2RNjQfQGsgbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c79e4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=216&recv=62&lost=0&retrans=0&sent_bytes=265199&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1810&x=0"
content-length: 112976
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Hit%20Bar%20Gold.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 159 KB
0 14ms
14ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Hit%20Bar%20Gold.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9c2e164067aa0ae27eda68953a52b02f17869b82a5235c4843be53055948c902

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "af6f65383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi%2B1HhpkZFqBdKhsAUQwpXQor7ro3dVcndMrCU9Fbvg2LLtERdQfSNuUrz8nyWX8m3T87ttD30vorn1%2Bc5888PAYKc7LM1CbuRxHtjpYa5pyxWYgAeNu%2FcJ2fooTsLr4ssQfcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7ae4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=178&recv=62&lost=0&retrans=0&sent_bytes=217435&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1808&x=0"
content-length: 162439
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Ready%20to%20Blow%20Thundershots.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 116 KB
0 15ms
15ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Ready%20to%20Blow%20Thundershots.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 474ac05ab8926870ec4fe034227e2e85fa05144f5e2393be074b3ccf663fb565

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f4d555383ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OaDW7dsML%2Fz35dE2ff5QieGfChGTu2C7bZM4xtIS0IcXaiAYF6Tux4TXKQ4QR8ri%2BXDaGhabzlAaBWK3tDIA0RZxLeqkcADaC%2B0l2lEEDS3c1ouh%2BfKi4c%2B4LJDvaeS8SoErdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7be4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=279&recv=62&lost=0&retrans=0&sent_bytes=344259&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1817&x=0"
content-length: 118633
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Buffalo%20Blitz%20Mega%20Merge.jpg
gsmd.336699bet.com/lobby/gamelist/image/px/en-us/ 146 KB
0 15ms
15ms Image
image/jpeg 172.67.74.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gsmd.336699bet.com/lobby/gamelist/image/px/en-us/Buffalo%20Blitz%20Mega%20Merge.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2fad1f507ab29cbc17faa1416ed58ffb2a7d3a09efb9fbde5266789ddb30dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "e960cf5283ddda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdnmZOI6Fulf6thT8bZY29ckccQkslmeX0hhdFgTgp%2FzHvl8Q50VE8DHCwtBRZ8b%2FRz0HXWAIr8qhaa5lYs3IQIrgSDQFvl8kdgbaXbK0x4GrCv1oAD6b5L81x8UM34SfTePqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f2decd29c7de4b9-OTP
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=26207&min_rtt=25985&rtt_var=92&sent=254&recv=62&lost=0&retrans=0&sent_bytes=312946&recv_bytes=2813&delivery_rate=4171509&cwnd=285&unsent_bytes=0&cid=34c8ac69e026825e&ts=1814&x=0"
content-length: 149307
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/jpeg
last-modified: Wed, 24 Jul 2024 04:38:26 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 404
Not Found 5006.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 429ms
428ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5006.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5008.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 428ms
428ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5008.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5009.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 377ms
377ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5009.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5013.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 368ms
368ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5013.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5014.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 1274ms
1274ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5014.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found 5027.jpg
www.g500on.cfd.unogg168.web.id/dekstop/ 708 B
708 B 369ms
368ms Image
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5027.jpg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: text/html
Connection: Keep-Alive

GET
H2 200 880003.png
file.32828a.com/images/MD/YD/en-US/ 127 KB
0 1ms
1ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880003.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36a7fee233fdff4eb0e17782b44e69f31bc054cc75ce22a7e70c5fec3fe57898

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "a2f2e2786ab0d71:0"
cf-ray: 8f2decd7d858c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 129934
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880009.png
file.32828a.com/images/MD/YD/en-US/ 111 KB
0 1ms
1ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880009.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09f43420ad7491870dc980c2ab7b56bb3c110f1e67c2da25f902130cc3446b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "46c192786ab0d71:0"
cf-ray: 8f2decd7d859c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113799
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880010.png
file.32828a.com/images/MD/YD/en-US/ 107 KB
0 1ms
1ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880010.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 42f0b965c267c0c7f1c85f2d2933b3503d3fbd2941af0df89381b9d4bc8f370c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "af309c786ab0d71:0"
cf-ray: 8f2decd7d85bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109412
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880011.png
file.32828a.com/images/MD/YD/en-US/ 99 KB
0 2ms
2ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880011.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 23944860300a6ddadf40365229ed9c8cdcef46e00118ea2f39e0ab8ca3ea4d4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "861aa4786ab0d71:0"
cf-ray: 8f2decd7d85cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101192
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880013.png
file.32828a.com/images/MD/YD/en-US/ 94 KB
0 2ms
2ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880013.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 518876ee0bc7b4faff39a791f8002d590de00f36c1bc51448fbe76f89234bbfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "03cad786ab0d71:0"
cf-ray: 8f2decd7e865c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96699
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 880014.png
file.32828a.com/images/MD/YD/en-US/ 117 KB
0 2ms
2ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/YD/en-US/880014.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd6176ed45d40b4a3014fda5fbb1ef2a5664e916f5708caf89878cd3ea863353

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "c7ccb1786ab0d71:0"
cf-ray: 8f2decd7e866c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119837
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 23 Sep 2021 11:02:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Egypt_Gods.png
file.32828a.com/images/MD/EP/en-US/ 212 KB
0 3ms
3ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Egypt_Gods.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 57f11ab0d9eff8be0726b35a3caf2682444d644529c20eb385f9f637b229949c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "75b92a69b690d61:0"
cf-ray: 8f2decd7e867c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 216649
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Basketball.png
file.32828a.com/images/MD/EP/en-US/ 41 KB
0 3ms
3ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Basketball.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3df9a31c64c787f9855f955ed75d6a1001dbf90ec66e6694a7678147f2bf5ede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "5ece6269b690d61:0"
cf-ray: 8f2decd7e868c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41665
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:18 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Talismans_of_Fortune.png
file.32828a.com/images/MD/EP/en-US/ 39 KB
0 3ms
3ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Talismans_of_Fortune.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0463efa6e6724ba9625efcfb1277cfde110e6be801211653c2afce0fb99b3344

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "985269b690d61:0"
cf-ray: 8f2decd7e869c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40046
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 The_Great_Wall_Treasure.png
file.32828a.com/images/MD/EP/en-US/ 51 KB
0 4ms
4ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/The_Great_Wall_Treasure.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a6b7c818e3421152237a822ce764553b21b8fcb8acf08d5caa4af6775bd2bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "eab75569b690d61:0"
cf-ray: 8f2decd7e86ac9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51997
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK live-chat.svg
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 588 B
642 B 1490ms
496ms Image
image/svg+xml 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/live-chat.svg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 286
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 07:54:56 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK android-logo.svg
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 3 KB
2 KB 1124ms
358ms Image
image/svg+xml 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/android-logo.svg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: bfdfa71f660ce0d2661801bf59cab3f2948df1e24735f9d45933358d4fbd1192

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1368
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 07:54:52 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK mobile.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/dark-green/desktop/layout/ 733 B
2 KB 492ms
167ms Image
image/svg+xml 18.66.107.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/dark-green/desktop/layout/mobile.svg?v=20241025

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

HTTP/1.1

Server

18.66.107.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-107-128.fra56.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

ETag: "0c6755975c7d61:0"
Age: 279199
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: TKT7bwewpgRhX3CNvHT3iJTxlSelOOUt0lZQwIux0SA2aj6CPzq5LA==
Date: Fri, 13 Dec 2024 04:44:18 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 01 Dec 2020 00:03:08 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: max-age=31536000
Connection: keep-alive
Via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 733
X-Xss-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P5
Server: TrillionSoft

GET
H/1.1 200
OK flags.png
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 6 KB
7 KB 1009ms
353ms Image
image/png 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/flags.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:37 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6478
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Thu, 10 Oct 2024 07:54:54 GMT

GET
H/1.1 200
OK user.svg
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 355 B
601 B 1331ms
353ms Image
image/svg+xml 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/user.svg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: ba68e8016b4b516172039894389bbc6e624607a69efc0c788f5fef8e080389ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 245
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 07:54:52 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK lock.svg
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 355 B
597 B 1399ms
356ms Image
image/svg+xml 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/lock.svg
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 56ad43e8fc2177c33b57e4d8a45e137965321f262fb90050bd5d69f2298c7a97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 241
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2024 07:54:58 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK category-sprite.png
www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/ 7 KB
7 KB 974ms
576ms Image
image/png 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/img/nav/category-sprite.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: d7b97efc465acc2f757951556127a485b2d28aaee2692d45ad4ac4296af5960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:37 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7325
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 02:13:59 GMT

GET
H2

200

icon-sprite.png
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/layout/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png

3 KB
5 KB

921ms
680ms

Image
image/png

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Home/dekstop.css

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1783ab1e4056272d5f760b0273500921ae504e444215b704c8627f896d2bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0c6755975c7d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7md2a4KDgZMDXBC8kGGqPnFGQHsNKEAvY3Gfj7U%2FXzVxkNYT1wsrGFWMiAneLzYRJUenq8AJTourTg%2FXlMBXJWBbRvwqxaIhyWE4f8UsFzSkPNvlN9eTP%2FVIBN9ExXXS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26090&min_rtt=25985&rtt_var=498&sent=28&recv=20&lost=0&retrans=0&sent_bytes=22924&recv_bytes=2488&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=765&x=0"
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/png
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbf187ae5a8-OTP
accept-ranges: bytes
content-length: 3434
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhun4tjGmYb%2Fj1jZVBUJ%2FJQQ1nHu7WGB0K8fp4j%2FlBh3fA%2FRvyzXQYwaABzzl9kD3Z1y%2B9ZTuTEr7XnsiyZ5lbAV5SXkuZHe0r7dm58PgOJlOO7ntfNYlP%2BJEAn2Hksy"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:37 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=947&min_rtt=947&rtt_var=473&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=412&delivery_rate=0&cwnd=241&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: Fh4KbJl4i9lh-1hlT31SxhlTgG6s60U4yVxgPRoaYxsXXRz5YM5cIw==
Date: Mon, 16 Dec 2024 10:17:37 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/layout/icon-sprite.png
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2decbc5e369d20-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

numbers.png
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png

14 KB
15 KB

1195ms
603ms

Image
image/png

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Home/dekstop.css

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c5d3f0c294936ebeb6bd9a5568a2ebd72736f7f51ae22eada200ca0c90b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0c6755975c7d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FTgJFx%2FymqMdFlpiab5VptB0kE91ZQOnZQgJL5hxeXqJ7uAdYJpt6%2B1D2OkssZdL5i2iTmfm9k16d63Ye8gI5ukKN8QuROJmS94sH4bjb6U8Xx8nc7ySr0KpZ1t1sAN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26162&min_rtt=26015&rtt_var=2395&sent=14&recv=14&lost=0&retrans=0&sent_bytes=7051&recv_bytes=2488&delivery_rate=257261&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=691&x=0"
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/png
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbee867e5a8-OTP
accept-ranges: bytes
content-length: 14406
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnDxk1oQNilJKueK75WozSFrFcQCAc7exBu8zwxPcAc%2FKsMINURovptJE1gEint6KJt%2FC3MVN%2Fo%2FY1Yxz7OKYhxfGhxOd6X1vMkdx47JPy2Ro0olJmy%2FrmRIYpD5Drgx"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:37 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1765&min_rtt=1765&rtt_var=882&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=406&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: WKBbDumYMC3S4QpoqPVXHxDp1fP9pkPbcUw8bhPbNcj3hOYDcU-Wrw==
Date: Mon, 16 Dec 2024 10:17:37 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/numbers.png
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
CF-RAY: 8f2decba5a745ff2-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

trophy.png
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/jackpot/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png

1 KB
2 KB

601ms
601ms

Image
image/png

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/Slots/dekstop.css

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

112697936e5de4bf0340107c17b1a5f70d98562dfc3c5b72d45adb7772561cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0c6755975c7d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xgj5cxWhTYuoHRWYb5E9ZrHP%2FJRAFiwFpbB5FKJPE086tA4ijqUO5Wupbr70qKDjqpLYJPmZ6HDN98rMC%2FzXSRuYQBhxiUJcMgTcrMVs2PU8Ddl1zs85fL76VQefZIsa"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26105&min_rtt=25985&rtt_var=236&sent=38&recv=27&lost=0&retrans=0&sent_bytes=27814&recv_bytes=2894&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=8507&x=0"
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/png
last-modified: Tue, 01 Dec 2020 00:03:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decefcb6fe5a8-OTP
accept-ranges: bytes
content-length: 1060
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN8aMuSj8dF6z2MrEzdz5gPKokst9wHuT4ZJP2rnf63si08jmgguCTXW%2B5Bukx%2FSrIDuNPe0ZzopQoW9V4s2EeAAlgZhybvT0fKXbKVJicAWyvjyJHDHn%2BrhITfMBAvW"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1615&min_rtt=1615&rtt_var=807&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=408&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: 0N-FlXpZuJV_5kEXUJXr2apa2a_s7PFFR9TRjog8VY2d-Pd4kJZPXA==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/jackpot/trophy.png
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
CF-RAY: 8f2deceedce4fdc1-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H/1.1 404
Not Found digital_sans_ef_medium.woff2
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 423ms
399ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/digital_sans_ef_medium.woff2
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found glyphicons-halflings-regular.woff
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 423ms
399ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found Gilroy-ExtraBold.ttf
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 412ms
402ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/Gilroy-ExtraBold.ttf
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found Open24DisplaySt.woff2
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 775ms
522ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/Open24DisplaySt.woff2
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 200
OK IMG-20241028-WA0161-removebg-preview.png
www.g500on.cfd.unogg168.web.id/assets/img/ 256 KB
257 KB 1585ms
529ms Image
image/png 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/assets/img/IMG-20241028-WA0161-removebg-preview.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 48047b0e5701a85c3fd43488f686c47b2a47b5a9e843b47f0367a8703c6e68ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 262517
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 16:30:11 GMT

GET
H/1.1 200
OK pp-mahjong-wins-3-black-scatter-mobile.png
www.g500on.cfd.unogg168.web.id/uploads/fotobanner/ 112 KB
113 KB 1584ms
460ms Image
image/png 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/uploads/fotobanner/pp-mahjong-wins-3-black-scatter-mobile.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: b470ef5cfb211925bc35f55d5fa2a4b870e4f9667ed1340cc1254ef052d9e0a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 114906
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 17:00:18 GMT

GET
H/1.1 200
OK jackpot-play-logo-v2.webp
d2rzzcn1jnr24x.cloudfront.net/Images/jackpot/ 2 KB
3 KB 488ms
166ms Image
image/webp 18.66.107.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://d2rzzcn1jnr24x.cloudfront.net/Images/jackpot/jackpot-play-logo-v2.webp?v=20241025

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

HTTP/1.1

Server

18.66.107.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-107-128.fra56.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

ETag: "0678726414db1:0"
Age: 282317
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: T40NNzSJ21LEGZY_P9nkFIA1pvEpkVI2xrEyA9hTA9r2QMXo94P4tA==
Date: Fri, 13 Dec 2024 03:52:20 GMT
Content-Type: image/webp
Last-Modified: Wed, 02 Oct 2024 00:45:58 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: max-age=31536000
Connection: keep-alive
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1690
X-Xss-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P5
Server: TrillionSoft

GET
H2

200

singapore-pools.webp
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp

2 KB
3 KB

815ms
574ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be6afef81567967cf4c8e76e17a809403187c2fc2c16c8c8f57bf555ec342b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0f489cc4ecfd61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggpVLFDnGzBj0JWcBJzDh36suAMvIYfPZi55oATP0FX1jt8kQVLmPqcChq3S88hHr1DU9CMUllS2j6jAOb7ikvCzwukUbdZBZgKawWxJISPINM43nIgSeqE%2BhPKYg3uZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26189&min_rtt=26015&rtt_var=5585&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3975&recv_bytes=2488&delivery_rate=154889&cwnd=242&unsent_bytes=0&cid=a058823839cdc80f&ts=661&x=0"
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Dec 2020 23:47:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decbf1879e5a8-OTP
accept-ranges: bytes
content-length: 1562
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BbwHpb8KiC1Jsjf0rybk6J2AIym9dGFRnaRCtUKcmAwBYFYrAqtw4Y7BwJru8yHMsVC5tsQju%2Buk4%2FbsgUHjvl28uZuZHPpCVDLphzI6ir9Gfd274g4I%2BENSm7Do%2B%2Fe"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:37 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=859&min_rtt=859&rtt_var=429&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=415&delivery_rate=0&cwnd=247&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: 7qXjmzGRX_WlFPF5IZqpXPVAFosyTPtZYn6kJQmC-iuPsvxVMnplKA==
Date: Mon, 16 Dec 2024 10:17:37 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/singapore-pools.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
CF-RAY: 8f2decbc5bdf8247-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20olympx.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20olympx.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20olympx.webp

12 KB
13 KB

774ms
774ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20olympx.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "08946c5ae53da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKc0axG9eG2FpIzpAJqBdMLz5VON6%2BlESjaWlvtHiiVYQ3q4%2FhI0%2BAf9daJYYoSw4FnItDQ5zdFyYk13DQY%2FoGFPxhYVMHznfBzKSHyDuSw7PPOLQxSySRehacFQn0hQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26364&min_rtt=25985&rtt_var=655&sent=56&recv=33&lost=0&retrans=0&sent_bytes=43416&recv_bytes=3005&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=8660&x=0"
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Tue, 30 Jan 2024 19:01:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decefbb68e5a8-OTP
accept-ranges: bytes
content-length: 12196
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y92%2BZb9EbcWhDGNfmaUsi7B7FDVjmSUyIYfyXkVx%2FXkDeurKk%2Brmcq6uJ4AFBPmSlKOhyn5z%2BN5B%2BfuZ%2FbL2vkn%2F0pVgSSapKeaxe3gaYCuCbl3CesPfBPz1vkfS6iR6"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1135&min_rtt=1135&rtt_var=567&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=387&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: TIpoZD2GwpLoMPTQPcuLbg1bjsOG7Grhv9K1kVE_b0v3mdgI5aW5Zg==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20olympx.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2deceeca59fd89-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20bnnzdice.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20bnnzdice.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20bnnzdice.webp

11 KB
13 KB

733ms
733ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20bnnzdice.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ac827a15bec9d27e6a0f660282b4d3c93b0cf0ceea44fdf260bfd9beb7b38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "029de940fbd91:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suw4OwrWzTJEA0fw3qFFZCf8%2FxyBNP3OhldkHMzQ4QETSxARtOjqQOvJrS0dTrzrXWACPmqdmdLKpWJ8fd%2FT3JcK7EJkdfxCBcd84qIIJNr%2FnlUmoR6UpFMP8CnB0Wi5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26086&min_rtt=25985&rtt_var=132&sent=43&recv=32&lost=0&retrans=0&sent_bytes=30134&recv_bytes=3005&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=8632&x=0"
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Tue, 10 Oct 2023 06:13:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decefbb6be5a8-OTP
accept-ranges: bytes
content-length: 11664
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUz0htZXA1f5SynIgXhvffgsJQjerUj6SHbOEElkFmB%2FdVx3CZCxhzXN6UBrWV%2BbFcyb8Oj4DYwkZqoJ%2BuAe2YmI14KTcTg0RDNqs8FX9GtqoJIAoYQ09C%2BE%2FlPWI%2FTt"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1381&min_rtt=1381&rtt_var=690&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=389&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: wy6rJ6P0PlvL2GW6XgMlZKOkg6PVnTV5w5HU1Jwj-syAJ44eesqzzQ==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20bnnzdice.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
CF-RAY: 8f2deceed844fdb8-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20starlight.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20starlight.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20starlight.webp

11 KB
12 KB

604ms
604ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20starlight.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c29a7daeacb1f14ac3fef72a1ee4c80e1b86b3e8331f7f7b51b4bb957efdeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "03dc25c7dad91:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mH7GnfxxjhUXF9ggNhZYXWlpiYKcGzBuFKo1RbfYgrWKDGpeDHL7LQREM5gwEYi4G90epTvXtECbWtde5kMHGozFF1A8YseDOpIq75bV7B3AdPIl2RXv6iO7ut6j8bOD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=33530&min_rtt=25985&rtt_var=12018&sent=68&recv=42&lost=0&retrans=0&sent_bytes=56963&recv_bytes=3005&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=8859&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Mon, 28 Aug 2023 23:28:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf1fcf4e5a8-OTP
accept-ranges: bytes
content-length: 10968
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VZpQaTruFS31Gi8yROOguSZ5HWw53c3JkxisvY%2FwZcuu5KJ99cf6Rh%2Be3SDJfYYmj2JL7Ro2SNHyys8yrXGPOr1wPXtXChVaVptFzhdryuCzuy0nS7mxviwCOq0cM%2F4"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=975&min_rtt=975&rtt_var=487&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=390&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: LUhvEUT2VNDRSonfEreAdGOg4_SPjaIAHaRHNu2uZXg_lz1hnJQDnA==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20starlight.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2decf119dff8fe-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20gatotx.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20gatotx.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20gatotx.webp

11 KB
12 KB

607ms
606ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20gatotx.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836aa8ae22eab52480fbdc25c22d11c98c6cb94ba2e56b2a2d40871888fd36ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "07758e9f69bda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICqpYdKAaIbvIeeNYmM0ckTc%2BWjgJ4Ak3yXu7eCzZbFU9mKPB4JXV5E8FtLOof6RtZ3gHcGmmRqjz5u1SmLqeJVi6QIQEHVD5e%2Bv94NE5RqxlZp9xGCGLQ7Zg1rTxvtc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=28225&min_rtt=25985&rtt_var=3199&sent=91&recv=56&lost=0&retrans=0&sent_bytes=79583&recv_bytes=3178&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=9099&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Wed, 01 May 2024 18:39:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf36e2ae5a8-OTP
accept-ranges: bytes
content-length: 11084
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSt23aorIAX%2Ft5USY%2Frvm3Dno4LP%2FE0ywZoSIFlrv5a1ziH2OvRyVpMb07H9eYLuIE7FTcqJRCXAWh%2F3x4FogJdINPBawHxUpzmM4ebb1WCKwn5knONcLuH3fKie2ZUP"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1615&min_rtt=1615&rtt_var=807&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=387&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: w_Vyy9RKPF5DN6kcReVXJbw704QHIeIPQVa_dx2RSlyz433KjXXXDg==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20gatotx.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2decf24bf2fd88-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20olympgate.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20olympgate.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20olympgate.webp

9 KB
10 KB

714ms
714ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20olympgate.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

302f07a0c666aa1a497cdf887b675b36c8482cc42fda64b6e73af3511cc2220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "03dc25c7dad91:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7x0evwfZ1h%2BwBlmLiuswbQ6STf3B00oGtlacKvR4JXJtKKfn0ipQKF35zdTmW26zBpxLkH61Vl%2B3MZyGMbNa1KRNFKdDkj4FRJq3P7hxCFXnSXrW6sCWDBOGIZ9DBTk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=33530&min_rtt=25985&rtt_var=12018&sent=80&recv=42&lost=0&retrans=0&sent_bytes=69431&recv_bytes=3005&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=8883&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Mon, 28 Aug 2023 23:28:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf17c9ee5a8-OTP
accept-ranges: bytes
content-length: 8902
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BvE0GLTgDF5tRujDQLNDF1mm4At5YV2KJEb5y4nxIoHI75uxDjTDFgaSDbvd6fw%2BiFE1zCZPJJLVAkrfnbrglQs9AHazs73MKfYr93f%2BpHinALE3QPfS090y2O13RyiA"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:46 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1658&min_rtt=1658&rtt_var=829&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=390&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: t23FEM0LEp9EFbq9wKVSGbXuvBZoblIRGlEg5bMOscmJHIy8w6ulmA==
Date: Mon, 16 Dec 2024 10:17:46 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20olympgate.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
CF-RAY: 8f2decf089b08959-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

vs20sugarrushx.webp
nx1.cdn2go.net/Images/providers/PP/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20sugarrushx.webp?v=20240326-2
https://nx1.cdn2go.net/Images/providers/PP/vs20sugarrushx.webp

14 KB
15 KB

824ms
824ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/providers/PP/vs20sugarrushx.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

303f96fd1df1cd9293f918581c7423f617e638150340e0c16706155f55244f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0f0c4e5f69bda1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52AKhEvbFzs%2BIfs4BuAVQYVmiq2eyZXD2e0UyMhD%2B%2FKPgGbU64pAPF0Iq6tirLWXCuNJKLci6vpqRtefVist5AQTSthNoqTnVHoADVvL0cPhLuZT7JgHJu1W9QVIfKLJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26506&min_rtt=25985&rtt_var=589&sent=165&recv=72&lost=0&retrans=0&sent_bytes=166806&recv_bytes=3277&delivery_rate=1324165&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=9725&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Wed, 01 May 2024 18:39:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf61ff1e5a8-OTP
accept-ranges: bytes
content-length: 13824
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uJ5TqWZBZrWpIYbXFS7OtKCxOxF8eXHtttPaEv9%2Fy2Upav8okbVxW0PvguvIG%2FmWvZtDRUJV0QH8bG%2BVKhyZD7bQm97uu2ESZa5jg4hVcMJQB59vI1v0FaUWhq6cYBu"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:47 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=1582&min_rtt=1582&rtt_var=791&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=391&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: U4FATpJya63tGW8lgelbPA6PgX_IbHllKZ0uy77ryaiTNzfid8eMmw==
Date: Mon, 16 Dec 2024 10:17:47 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/providers/PP/vs20sugarrushx.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2decf53caff914-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2

200

arcade-link.webp
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp

9 KB
10 KB

624ms
624ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e50bc47c56ad5566f451b7f3f31a43b17b7702796283207452328cde81c6a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0f489cc4ecfd61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHxKpUZA8D64L6Gb%2BBjghrZ3oOUbz%2BPlCY%2FDj0q8zZjdlhMKbEwiRVkl01kgNTNL%2F4mrfQWaSI%2B5zZL4asqaGStdOVUFkpzykbaW6AeTn19IIlUe0Aynti6FvzUbnAab"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=27300&min_rtt=25985&rtt_var=1469&sent=104&recv=63&lost=0&retrans=0&sent_bytes=92181&recv_bytes=3277&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=9578&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Thu, 10 Dec 2020 23:47:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf6581be5a8-OTP
accept-ranges: bytes
content-length: 8930
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piGW8rkBK%2B6fOp0Q0xnWZCkAUyQ7U4ghXocXf7KmaCYKpqDx0Lu8QSr2OfTMbHraF%2BjVXyB9ZEQ%2BnZa5oRjqyqR7wNrw6PDq4hyDidNQgOYPBOrugb8MCLV2blilu8%2Fb"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:47 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=922&min_rtt=920&rtt_var=349&sent=2&recv=5&lost=0&retrans=0&sent_bytes=1003&recv_bytes=629&delivery_rate=1545357&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: u8kHl7dTCvtpU9VhaM4kEAe8xJYfthCUufzLL9dASL6cV1CjzJ0VwQ==
Date: Mon, 16 Dec 2024 10:17:47 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/arcade-link.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
CF-RAY: 8f2decf57b0ffcef-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2 200 pragmatic-play.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
3 KB 1432ms
393ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/pragmatic-play.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: f2ca0b5c1a3ee1ce3eb2ec0bec84a203b3e8b7ca38d564cae550e093622d35ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2696
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET
H2 200 pg-soft.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1707ms
668ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/pg-soft.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: a75c741635aa16e2799fb448d78317358f52c25a23b01cc4926ca5dfa5576c6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1690
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET
H2 200 habanero.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 1 KB
1 KB 1706ms
667ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/habanero.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3b19b8235dc776ab8c03cc035dde3d6c9a1e3f2154e07b47ce4a75173d8d97d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1354
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:42 GMT

GET
H2 200 spade-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1704ms
666ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/spade-gaming.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: b3ecc694b5b966a72e72f8046c55e942110f40317876e2327e8b61ce5f3f1559

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1848
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET
H2 200 joker.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 4 KB
5 KB 1707ms
668ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/joker.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 8dde4ad19297df0f45dbbfba91f5cc2286ced2bdc56728dc2b66550db7dc27c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4600
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET
H2 200 micro-gaming-plus.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
3 KB 1706ms
668ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/micro-gaming-plus.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: ca09cb2945c25927ca7eeb061455a2919deeed00a43c4df561864900c279c40f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2544
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET jili.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 jdb.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1432ms
394ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/jdb.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 07d068e1d7f29844c5d285beabf1cd9aec0167d8531b123688adc35bef15aa06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1836
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET evolution.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 advant-play.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
3 KB 848ms
846ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/advant-play.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: f48fd820d2622a237cfd01d2643edd67b28dd2ff7b42b50ed4f2fc29575ed2b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 3076
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:42 GMT

GET live22-slotmaker.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET wow-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET playtech.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET bbin.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 play-n-go.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 405ms
405ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/play-n-go.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3312944416b813b2b8dfb561ec10807ad4b840f38dbe565aaca087291fc6faff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 2272
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:34 GMT

GET
H2 200 yggdrasil.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 405ms
405ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/yggdrasil.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: bf2b4d30d7baf33c46c34cfd7207634b96106c293da65cfa4ab47d851c01cef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 2048
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET evoplay.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 cq9.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 329ms
328ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/cq9.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 95c55f1d5a14dbe3af8deee6141fad2427c1ff40d69102c87c356eac134f5fb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 1612
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET asia-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 playstar.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 405ms
405ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/playstar.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 43fc54e989dc12d674a24cc5b1aaf0ee00129850b427f94146ccdb47e00a4900

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 1690
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET
H2 200 sbo-slot.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
0 405ms
405ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/sbo-slot.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 1b49ae06fe1ede83067c2a18db55b8e11d1c3bc3644170f0e97bb3041b29ad52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 3458
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:34 GMT

GET rich88.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 fun-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 5 KB
0 403ms
403ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/fun-gaming.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 0535dbaeea4ed88fbba3340cc4baee0375309e9d7abd4cc4358077123a413155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 4628
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET
H2 200 Robin_Hood.png
file.32828a.com/images/MD/EP/en-US/ 45 KB
0 1ms
1ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Robin_Hood.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0b33e2e32774c3daa96575b4d0b38fd679b17a1290cb046bc4a6ac107e26872

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "ebc44969b690d61:0"
cf-ray: 8f2decd7e86bc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45819
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Chinese_New_Year.png
file.32828a.com/images/MD/EP/en-US/ 57 KB
0 1ms
1ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/EP/en-US/Chinese_New_Year.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01afeb56aa9c9c193074fc792eece2e01c5220a6b38faedb91b9f92f5563efcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
etag: "bbda2569b690d61:0"
cf-ray: 8f2decd7e86cc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58490
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Tue, 22 Sep 2020 08:00:17 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 1.png
img.viva88athenae.com/cq9/images/ 20 KB
0 282ms
281ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/1.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f72bf3463ea18fde96f022d0035462d75535d2cf61e2379ef50b284e72d11f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0be463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=21339
alt-svc: h3=":443"; ma=86400
content-length: 20304
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="1.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:28 GMT

GET
H2 200 10.png
img.viva88athenae.com/cq9/images/ 26 KB
0 246ms
246ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/10.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 807e231346e1868c244d20ec3ea698d7e2bb74bb83452822bd4cda6221ce80df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0de463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=27052
alt-svc: h3=":443"; ma=86400
content-length: 26790
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="10.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:02:55 GMT

GET
H2 200 111.png
img.viva88athenae.com/cq9/images/ 18 KB
0 245ms
245ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/111.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b809d4ccaa869b336febfb09e60b7a4b1620a02b9f8846825aa1ad17e1c2550b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed0ee463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=19906
alt-svc: h3=":443"; ma=86400
content-length: 18922
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="111.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 113.png
img.viva88athenae.com/cq9/images/ 23 KB
0 243ms
243ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/113.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9438b3dd72954d1290759ed443bb4776bb3bec14316ab91a3b8b271e5c8a7b69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed10e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23946
alt-svc: h3=":443"; ma=86400
content-length: 23290
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="113.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 115.png
img.viva88athenae.com/cq9/images/ 22 KB
0 246ms
246ms Image
image/webp 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/115.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a52b02930abaec0471b8acf8833346c52d48c20666d8ed0c38d6178dcf58224

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

server: cloudflare
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed12e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origFmt=png, origSize=23974
alt-svc: h3=":443"; ma=86400
content-length: 22876
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/webp
content-disposition: inline; filename="115.webp"
vary: Accept
last-modified: Fri, 04 Nov 2022 11:03:04 GMT

GET
H2 200 117.png
img.viva88athenae.com/cq9/images/ 24 KB
0 245ms
245ms Image
image/png 172.64.144.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.viva88athenae.com/cq9/images/117.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.224 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc3fccce1f26593d0d4cdb27d1038ad09f4ea2c98a42ceab81e78fca8082f60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
cf-ray: 8f2decb6ed13e463-OTP
expires: Mon, 16 Dec 2024 14:17:37 GMT
accept-ranges: bytes
cf-polished: origSize=25880, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 24940
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: image/png
last-modified: Fri, 04 Nov 2022 11:03:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 PSS-ON-00155.png
file.32828a.com/images/MD/PS/en-US/ 94 KB
0 2ms
2ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00155.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b8a16e418af08fe9fe916515e4a57c68413d3d3bf00b5db781bf00953f8c3b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "5f3c9143a676da1:0"
cf-ray: 8f2decd7e86dc9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96289
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Fri, 15 Mar 2024 06:59:03 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00146.png
file.32828a.com/images/MD/PS/en-US/ 31 KB
0 3ms
3ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00146.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea31676bac344318cee7d79160af2ff5d4e856c413fe63269b4234319149105e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "822cae774aada1:0"
cf-ray: 8f2decd7e86ec9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31260
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 May 2024 05:16:44 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00141.png
file.32828a.com/images/MD/PS/en-US/ 82 KB
0 3ms
3ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00141.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 53ffd11d1e84e9d56b32c247aaa74ed0182a63e8a388b20d371ab5d106c9582a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "90d6c8a29c93d91:0"
cf-ray: 8f2decd7e870c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84026
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Wed, 31 May 2023 08:48:13 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00025.png
file.32828a.com/images/MD/PS/en-US/ 122 KB
0 4ms
4ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00025.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 027846113da10b1e0d593d8b0b43e63ff1ada1f037b6179aee49ccd252fc53db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "67f5efa29c93d91:0"
cf-ray: 8f2decd7e871c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 125290
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Wed, 31 May 2023 08:48:14 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00147.png
file.32828a.com/images/MD/PS/en-US/ 30 KB
0 5ms
5ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00147.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 811073ac2db66bc94a606c0ea6f888a735674e97f4d3579cbfd22b1b683c6f9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "ce59c9e774aada1:0"
cf-ray: 8f2decd7e872c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30800
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Mon, 20 May 2024 05:16:44 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PSS-ON-00148.png
file.32828a.com/images/MD/PS/en-US/ 24 KB
0 6ms
6ms Image
image/png 104.18.31.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.32828a.com/images/MD/PS/en-US/PSS-ON-00148.png
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cdc8fae8291d737d559b642cd5c2db9f7cb6f16bde53fe7f33f7a64cfccd2f64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "a7ed2da75ef7d91:0"
cf-ray: 8f2decd7e874c9cf-OTP
expires: Mon, 16 Dec 2024 14:17:42 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24482
date: Mon, 16 Dec 2024 10:17:42 GMT
content-type: image/png
last-modified: Thu, 05 Oct 2023 07:36:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK Open24DisplaySt.woff2
www.g500on.cfd.unogg168.web.id/assets/fonts/ 6 KB
6 KB 1008ms
658ms Font
font/woff2 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/assets/fonts/Open24DisplaySt.woff2
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:37 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6100
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: font/woff2
last-modified: Sun, 20 Oct 2024 19:38:05 GMT

GET
H2

200

icon-sprite.png
nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/
Redirect Chain

http://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1
https://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1

4 KB
6 KB

1163ms
600ms

Image
image/png

104.27.202.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

104.27.202.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "0d49c6075c7d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91nVP3V%2Bn9O2SGB0BSh1YFaLi893je98%2FXJJWGIe5fNhtzpjKZrXcqYB%2B0yM37qlUizmRYV6ksRlb%2BamuELZL10eBUxHZdgCWtLCG6tlkNCAPHy9S%2FfUmz%2BRFZeXoFYGsxI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=28245&min_rtt=27009&rtt_var=5391&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2306&delivery_rate=146511&cwnd=253&unsent_bytes=0&cid=8c4c15628114a36e&ts=671&x=0"
date: Mon, 16 Dec 2024 10:17:48 GMT
content-type: image/png
last-modified: Tue, 01 Dec 2020 00:03:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf8b805c9d0-OTP
accept-ranges: bytes
content-length: 4235
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://nx-cdn.trgwl.com/Images/nexus-alpha/red/desktop/layout/icon-sprite.png?v=20231212-1
Non-Authoritative-Reason: DNS

GET
H/1.1 404
Not Found digital_sans_ef_medium.woff
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 575ms
573ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/digital_sans_ef_medium.woff
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found glyphicons-halflings-regular.ttf
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 574ms
414ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/glyphicons-halflings-regular.ttf
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:37 GMT
content-type: text/html
Connection: Keep-Alive

GET
H/1.1 404
Not Found Open24DisplaySt.woff
www.g500on.cfd.unogg168.web.id/fonts/ 0
0 718ms
513ms Font
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/fonts/Open24DisplaySt.woff
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://www.g500on.cfd.unogg168.web.id
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: text/html
Connection: Keep-Alive

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 730ms
108ms Fetch
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DEMR8X28X3&gtm=45je4cc1v867581139za200&_p=1734344256998&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=42287819.1734344258&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&_s=1&sid=1734344257&sct=1&seg=0&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&dr=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&dt=G500VIP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4982
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEMR8X28X3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://www.g500on.cfd.unogg168.web.id
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 307512991727066 Show response
connect.facebook.net/signals/config/ 62 KB
14 KB 142ms
141ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/307512991727066?v=2.9.179&r=stable&domain=www.g500on.cfd.unogg168.web.id&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

f8f6c0e5bfdaa8ce4d19aa327cc677a7514ea9c9c7a508ac74f7b8357b624599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-HMs4U6OR' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-HMs4U6OR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=66, mss=1348, tbw=67935, tp=-1, tpl=-1, uplat=73, ullat=0
pragma: public
x-fb-debug: EtcDX0FNh4cumFs6HHc8h8GFe8lVtRbzaifQvk2DL2yq7v/Olp/sdeYVZOF9djeCvvMNxxBxFPp3negHsqe8CA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 3548697528743011 Show response
connect.facebook.net/signals/config/ 38 KB
7 KB 144ms
143ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3548697528743011?v=2.9.179&r=stable&domain=www.g500on.cfd.unogg168.web.id&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

66167e4db0571e18126951c8964c4e1233951450a3ad7a3491eceb4e0b1cd0e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-wY7qYwlE' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wY7qYwlE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=79, mss=1348, tbw=81931, tp=-1, tpl=-1, uplat=74, ullat=0
pragma: public
x-fb-debug: 8Nl3P9oci6keCg9TTYnIADIMRS3G6jm6Uu5O1nAPxdpZATrjyfZIAMB0D7cCMadD8i9oM9extfRQzPclrnHHCg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 641ms
101ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307512991727066&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344265695&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=GET

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1348, tbw=3055, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

OPTIONS
H2 204 progressive-jackpot
jp-api2.namesvr.dev/ 0
0 1438ms
661ms Preflight 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api2.namesvr.dev/progressive-jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://www.g500on.cfd.unogg168.web.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f2decf2fac8e3f7-OTP
date: Mon, 16 Dec 2024 10:17:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bjw33YeHYCn5lL71TQU%2FUCZ0hBIhetrLXZjg6wIEtPgm1F7yNrXLnyCWbJFKVZpUgVZs6E%2BIf3%2BLX1nTVYNmTXljC95GthI8L%2FTSlfj%2B3etlkj%2BuxgPb46uhDcFgY0fBlsfqwSPs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=26204&min_rtt=26038&rtt_var=4238&sent=9&recv=11&lost=0&retrans=0&sent_bytes=4714&recv_bytes=2413&delivery_rate=154398&cwnd=240&unsent_bytes=0&cid=3e348570230950e3&ts=938&x=0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 progressive-jackpot Show response
jp-api2.namesvr.dev/ 14 B
456 B 681ms
338ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api2.namesvr.dev/progressive-jackpot

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/dekstop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f01b7087decabdc413ec0b209d78fddf1542c4ee01e943b23e5cfa2126c2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.g500on.cfd.unogg168.web.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vow55yjusSU6AMNgNeoIcnULTwbYLndN2rJkjTvtvT3XwSEjRBcC%2BCHwHOoQxPzl%2BACPwJxqfYzCZMoAxre%2FzhWNyopt6On%2BJop6qpIImaY7m7B8v2G1ls7%2BZ3hTYYLEEiNjj7tV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f2decf93f51e3f7-OTP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26356&min_rtt=26038&rtt_var=1516&sent=14&recv=17&lost=0&retrans=0&sent_bytes=5688&recv_bytes=2605&delivery_rate=154398&cwnd=243&unsent_bytes=0&cid=3e348570230950e3&ts=1618&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
server: cloudflare

GET
H2 200 progressive-jackpot Show response
jp-api2.namesvr.dev/ 14 B
476 B 343ms
341ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api2.namesvr.dev/progressive-jackpot

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/dekstop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62299539accd8f5cc8f255194f97aa407f73f21f28aeccb1450b3344cf78a318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.g500on.cfd.unogg168.web.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAbWqYZqiHJntkx2TrprBQeqIpIW9lMFnx5U6RWjiJkaPJNaG1OHgX5GmErFcxPsiasVrb8RdDenGu5OsFV44z52g5PW27vSVDrrwFnnxgswcTu8EQ4p2fhpKQ7H%2FubuPMN5JysM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f2decf71d95e3f7-OTP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26313&min_rtt=26038&rtt_var=2562&sent=11&recv=14&lost=0&retrans=0&sent_bytes=5146&recv_bytes=2538&delivery_rate=154398&cwnd=242&unsent_bytes=0&cid=3e348570230950e3&ts=1279&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
server: cloudflare

GET
H/1.1 200
OK play.png
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 2 KB
3 KB 69ms
69ms Image
image/png 18.66.107.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://d2rzzcn1jnr24x.cloudfront.net/Images/icons/play.png?v=20241025

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/Content/dekstop.css

Protocol

HTTP/1.1

Server

18.66.107.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-107-128.fra56.r.cloudfront.net

Software

TrillionSoft /

Resource Hash

2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

ETag: "0c3abd379a2d61:0"
Age: 282789
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 2sqLURAsiWKQ3tt8tMeP3qa_z6LtkAmo15A_vHRujygFjJQmbUa_HQ==
Date: Fri, 13 Dec 2024 03:44:36 GMT
Content-Type: image/png
Last-Modified: Wed, 14 Oct 2020 22:31:58 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Cache-Control: max-age=31536000
Connection: keep-alive
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 1845
X-Xss-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P5
Server: TrillionSoft

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 87 KB
28 KB 377ms
115ms Script
application/javascript 2.16.1.243
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-1-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5425605463d89fe30eb08c7b77fc73a86f5ecdbacf6be9c3fb96443be339d049

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: br
x-amz-version-id: c1C4vVsvV_t3Ne3mPItD6Soyyfsk7UYQ
etag: W/"5ea2a28e2baad696a203d70d29925000"
expires: Mon, 16 Dec 2024 18:17:47 GMT
x-amz-cf-id: OWXGJcV1j6mU2ypyEjkH0xCYiiMoDI15C_pXDlsfHRnNjtUxwLYw9w==
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 08:43:34 GMT
vary: accept-encoding
cache-control: max-age=28800
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27989
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

PP.webp
nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/
Redirect Chain

http://d1bnhxh1olb98c.cloudfront.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp?v=20240326-2
https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp

202 KB
204 KB

611ms
611ms

Image
image/webp

172.67.74.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Server

172.67.74.73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77134f83a30c54d59ae478a3013c04a4dba1da5cdb043d7f6dc14464dceb8297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cf-cache-status: BYPASS
etag: "012435939d0d71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJHBK8h1FE5DpkbxrcRPFyCNDiSlT6dqDIdrBD0YYbv8Cxoghkp0xObAl6k9%2FYzAe%2B7L7UZo5r2WNcVVMttvpmz7xSRvIBPDlZUj7QEmOOy0Nann3g63RxcjfIJ7s9iF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=26826&min_rtt=25985&rtt_var=1081&sent=113&recv=67&lost=0&retrans=0&sent_bytes=102397&recv_bytes=3277&delivery_rate=718468&cwnd=246&unsent_bytes=0&cid=a058823839cdc80f&ts=9675&x=0"
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: image/webp
last-modified: Tue, 02 Nov 2021 22:31:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f2decf70876e5a8-OTP
accept-ranges: bytes
content-length: 206830
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbr%2BiwFyW%2BsvHrNYtEUlP3XIVR3h3jAwbAxD1gr4IxVILhxM5rqFyDYRBu4IIO7tll16q2vc4F61TVQzf%2BW%2BGeCncfYUq71oJfGPay1vLH1w63yp4%2FK8C7PGdvVWwHaJ"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 16 Dec 2024 11:17:47 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=847&min_rtt=847&rtt_var=423&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=419&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: FEU-GVtuKJQACzpm6tQlrxTp45DgVczYDq8oc3Sj0yPup9PGp-e_xw==
Date: Mon, 16 Dec 2024 10:17:47 GMT
Content-Type: text/html
Cache-Control: max-age=3600
Location: https://nx1.cdn2go.net/Images/nexus-alpha/dark-green/desktop/home/slots/animations/PP.webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
CF-RAY: 8f2decf62e00f8f2-SIN
Content-Length: 167
X-Amz-Cf-Pop: FRA56-P5
Server: cloudflare

GET
H2 200 pragmatic-play.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
0 3ms
3ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/pragmatic-play.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: f2ca0b5c1a3ee1ce3eb2ec0bec84a203b3e8b7ca38d564cae550e093622d35ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2696
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET
H2 200 pg-soft.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 3ms
3ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/pg-soft.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: a75c741635aa16e2799fb448d78317358f52c25a23b01cc4926ca5dfa5576c6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1690
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET
H2 200 habanero.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 1 KB
0 3ms
3ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/habanero.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3b19b8235dc776ab8c03cc035dde3d6c9a1e3f2154e07b47ce4a75173d8d97d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1354
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:42 GMT

GET
H2 200 spade-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 3ms
3ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/spade-gaming.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: b3ecc694b5b966a72e72f8046c55e942110f40317876e2327e8b61ce5f3f1559

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1848
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET
H2 200 joker.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 4 KB
0 4ms
4ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/joker.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 8dde4ad19297df0f45dbbfba91f5cc2286ced2bdc56728dc2b66550db7dc27c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4600
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET
H2 200 micro-gaming-plus.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 4ms
4ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/micro-gaming-plus.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: ca09cb2945c25927ca7eeb061455a2919deeed00a43c4df561864900c279c40f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2544
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET jili.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 jdb.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
0 4ms
4ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/jdb.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 07d068e1d7f29844c5d285beabf1cd9aec0167d8531b123688adc35bef15aa06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=604800
expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1836
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET evolution.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 advant-play.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
0 4ms
4ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/advant-play.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: f48fd820d2622a237cfd01d2643edd67b28dd2ff7b42b50ed4f2fc29575ed2b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 3076
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:42 GMT

GET live22-slotmaker.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET wow-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET playtech.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET bbin.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 play-n-go.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1451ms
1446ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/play-n-go.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 3312944416b813b2b8dfb561ec10807ad4b840f38dbe565aaca087291fc6faff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 2272
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:34 GMT

GET
H2 200 yggdrasil.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1451ms
1446ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/yggdrasil.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: bf2b4d30d7baf33c46c34cfd7207634b96106c293da65cfa4ab47d851c01cef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 2048
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:40 GMT

GET evoplay.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 cq9.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1377ms
1373ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/cq9.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 95c55f1d5a14dbe3af8deee6141fad2427c1ff40d69102c87c356eac134f5fb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 1612
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:36 GMT

GET asia-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 playstar.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 2 KB
2 KB 1451ms
1447ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/playstar.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 43fc54e989dc12d674a24cc5b1aaf0ee00129850b427f94146ccdb47e00a4900

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 1690
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET
H2 200 sbo-slot.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 3 KB
3 KB 1451ms
1446ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/sbo-slot.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 1b49ae06fe1ede83067c2a18db55b8e11d1c3bc3644170f0e97bb3041b29ad52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 3458
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:34 GMT

GET rich88.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 0
0

GET
H2 200 fun-gaming.webp
g500on.cfd/dekstop/bundles/img/provider/slots/ 5 KB
5 KB 1449ms
1445ms Image
image/webp 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/fun-gaming.webp
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 0535dbaeea4ed88fbba3340cc4baee0375309e9d7abd4cc4358077123a413155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

expires: Mon, 23 Dec 2024 10:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 4628
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: image/webp
last-modified: Thu, 10 Oct 2024 07:54:38 GMT

GET
H2 200 993697205076579 Show response
connect.facebook.net/signals/config/ 28 KB
4 KB 179ms
173ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/993697205076579?v=2.9.179&r=stable&domain=www.g500on.cfd.unogg168.web.id&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C133%2C158

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

79128baddd2fe4050ff31895f49c53a89d5f6173f45fcd90f03e26c2940c1211

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Gr065Tog' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Gr065Tog' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=86, mss=1348, tbw=88941, tp=-1, tpl=-1, uplat=103, ullat=0
pragma: public
x-fb-debug: Mx33mtqX3Qi5XKXRlYHJP+3dj8cN44jvQ8eVf00QFEFRvBPKaVPeYwZF0baS5O89VOmi7JO9nnV/hhFKN2hCXA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 571ms
102ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3548697528743011&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344265979&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=GET

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1348, tbw=3365, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

OPTIONS
H2 204 progressive-jackpot
jp-api2.namesvr.dev/ 0
0 1411ms
659ms Preflight 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api2.namesvr.dev/progressive-jackpot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://www.g500on.cfd.unogg168.web.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f2decf2fac5e3f7-OTP
date: Mon, 16 Dec 2024 10:17:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDqff1zMZfwpypp%2Bvlf4JvdGT50AEVOfhcZCyZAby%2FurYm22SujltBjB40kJIQ5KroaU1%2FpfJC3sQSgJQDv%2Fnyq5KI6Zrk1qMv%2BgSNLBgtr%2B0z0h0Vg3DvzH2X1F1dSJZ9adMT5a"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=26204&min_rtt=26038&rtt_var=4238&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2413&delivery_rate=154398&cwnd=240&unsent_bytes=0&cid=3e348570230950e3&ts=935&x=0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 875479224220932 Show response
connect.facebook.net/signals/config/ 29 KB
4 KB 156ms
151ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/875479224220932?v=2.9.179&r=stable&domain=www.g500on.cfd.unogg168.web.id&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C133%2C158

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

fbda67bc054eea92be5b5ddece23499b58f8a9936ee501912cd21b445df61ed6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-E9kb4Qg4' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-E9kb4Qg4' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=86, mss=1348, tbw=93084, tp=-1, tpl=-1, uplat=83, ullat=0
pragma: public
x-fb-debug: yx8rBWnkJQb9bitq5/4CvJeEGATFBIK8P9kLWG84brMQbUjJAUMHZru6kSSgbBfC2KlIRzgoGHT4ABcZt+8GYw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 332ms
101ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=993697205076579&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266169&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=GET

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1348, tbw=3055, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 688837020048195 Show response
connect.facebook.net/signals/config/ 29 KB
4 KB 147ms
147ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/688837020048195?v=2.9.179&r=stable&domain=www.g500on.cfd.unogg168.web.id&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C133%2C158

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

26abb6726ffd1034b4a16f36f30d6a8aeedfbdde786993e11405f694f5764fdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-S1HXhKF8' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 10:17:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-S1HXhKF8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=86, mss=1348, tbw=97448, tp=-1, tpl=-1, uplat=79, ullat=0
pragma: public
x-fb-debug: YcdttEYwxaU4wKir6my11bHw9KDYBW7g4hJuCYvGcYg9hseNa/sNXdZL9jyTrW1JzceOpMqh2JSAMoqMmbW/aQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 71ms
69ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=875479224220932&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266338&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=GET

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1348, tbw=3565, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 82ms
80ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=688837020048195&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266669&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=GET

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1348, tbw=3773, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 10:17:47 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 391 B
629 B 744ms
414ms Script
application/javascript 95.101.111.159
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=12126543&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&channel_type=code&jsonp=__uqf2td69ttf

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-159.deploy.static.akamaitechnologies.com

Software

Resource Hash

dd914c1243e4b605038a9a6b5adfe387a3b5e97cdf4ae6e7996ad244b4405a4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://www.g500on.cfd.unogg168.web.id/;
X-Frame-Options	allow-from http://www.g500on.cfd.unogg168.web.id/

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

content-security-policy: frame-ancestors http://www.g500on.cfd.unogg168.web.id/;
content-length: 391
date: Mon, 16 Dec 2024 10:17:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
x-frame-options: allow-from http://www.g500on.cfd.unogg168.web.id/

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 256ms
254ms Script
application/javascript 95.101.111.159
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=00eff5dc-fd95-4473-a028-967ec73c01cc&version=1800.0.1.2437.1167.43.2.1.7.133.5.20.1&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a95-101-111-159.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6f5c80e51bc7d6d64fb2495fec0e4062a83f3d6419074dd5f4a7493d574fc382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Mon, 16 Dec 2024 10:27:48 GMT
content-length: 1640
date: Mon, 16 Dec 2024 10:17:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK IMG-20241028-WA0161-removebg-preview.png
www.g500on.cfd.unogg168.web.id/assets/img/ 256 KB
0 0ms
0ms Other
image/png 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/assets/img/IMG-20241028-WA0161-removebg-preview.png
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 48047b0e5701a85c3fd43488f686c47b2a47b5a9e843b47f0367a8703c6e68ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

expires: Mon, 23 Dec 2024 10:17:38 GMT
accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 262517
date: Mon, 16 Dec 2024 10:17:38 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 16:30:11 GMT

POST
H/1.1 404
Not Found online Show response
www.g500on.cfd.unogg168.web.id/session/ 708 B
963 B 437ms
437ms XHR
text/html 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.g500on.cfd.unogg168.web.id/session/online
Requested by: Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/dekstop.js
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=100
content-length: 708
pragma: no-cache
date: Mon, 16 Dec 2024 10:17:51 GMT
content-type: text/html
Connection: Keep-Alive

GET progressive-jackpot
jp-api2.namesvr.dev/ 0
0

GET
H2 200 progressive-jackpot Show response
jp-api2.namesvr.dev/ 14 B
476 B 348ms
347ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jp-api2.namesvr.dev/progressive-jackpot

Requested by

Host: www.g500on.cfd.unogg168.web.id
URL: http://www.g500on.cfd.unogg168.web.id/dekstop/bundles/dekstop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10b9fc7b56d813669663201100d63b37a8d057aad3fd0e3656d89447101fbdc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.g500on.cfd.unogg168.web.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnsyMy%2FfpBQUD8AUBUwk66GcbNX5%2BdJbgIrg1A6q3LyPKaJ1L1fsxeilp4kI3XB%2F%2BF1NrS8gNsTds6EmEBEe9cq6aQaIWt7BYaM6sC0pNRlscs88K9Ycqrw799%2F9CN5bfR9szkFw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f2ded146b8ce3f7-OTP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26296&min_rtt=26038&rtt_var=958&sent=19&recv=22&lost=0&retrans=0&sent_bytes=6210&recv_bytes=2774&delivery_rate=154398&cwnd=243&unsent_bytes=0&cid=3e348570230950e3&ts=5977&x=0"
date: Mon, 16 Dec 2024 10:17:52 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
server: cloudflare

GET
H/1.1 200
OK hb-champ-oct-mobile.jpg
www.g500on.cfd.unogg168.web.id/uploads/fotobanner/ 39 KB
0 659ms
658ms Image
image/jpeg 103.140.90.101
IDNIC-SARANAINDO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.g500on.cfd.unogg168.web.id/uploads/fotobanner/hb-champ-oct-mobile.jpg
Protocol: HTTP/1.1
Server: 103.140.90.101 , Indonesia, ASN138876 (IDNIC-SARANAINDO-AS-ID CV. Saranaindo, ID),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php

Response headers

cache-control: public, max-age=604800
Connection: Keep-Alive
expires: Mon, 23 Dec 2024 10:17:53 GMT
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 78949
date: Mon, 16 Dec 2024 10:17:53 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 15:23:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2019102922541993154.png

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2019102922495611028.png

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2019102922452490974.png

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2023032406002771377.png

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2023032406015231827.png

Domain: line.ppprrp.com
URL: https://line.ppprrp.com/global/files/images/2019091023314111296.png

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/jili.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/evolution.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/live22-slotmaker.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/wow-gaming.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/playtech.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/bbin.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/evoplay.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/asia-gaming.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/rich88.webp

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=307512991727066&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344265695&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=FGET

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/jili.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/evolution.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/live22-slotmaker.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/wow-gaming.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/playtech.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/bbin.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/evoplay.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/asia-gaming.webp

Domain: g500on.cfd
URL: https://g500on.cfd/dekstop/bundles/img/provider/slots/rich88.webp

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3548697528743011&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344265979&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=993697205076579&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266169&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=875479224220932&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266338&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=688837020048195&ev=PageView&dl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2Fdekstop%2Findex.php&rl=http%3A%2F%2Fwww.g500on.cfd.unogg168.web.id%2F&if=false&ts=1734344266669&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.2.1734344265682.629455422804363964&cs_est=true&cdl=API_unavailable&it=1734344265294&coo=false&rqm=FGET

Domain: jp-api2.namesvr.dev
URL: https://jp-api2.namesvr.dev/progressive-jackpot

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.g500on.cfd.unogg168.web.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6f9a2f32ef315acb1d9ad1275d6f2dcc
.viva88athenae.com/	1970-01-21 01:45:46	Name: __cf_bm Value: Iu.T.QnC0RzDJiVVD9abYzAFWHI_dkMLQ.VPdjMkJ6E-1734344255-1.0.1.1-tF6cTDkLeRm93ttt2ywiZvl701KxsSISCkj7Wqd3yNTdcZC6TNrAKWVr.y9sY9OSNAkfv_z3d359DhM8yEvoWg
.unogg168.web.id/	1970-01-21 11:21:44	Name: _ga_DEMR8X28X3 Value: GS1.1.1734344257.1.0.1734344257.0.0.0
.unogg168.web.id/	1970-01-21 11:21:44	Name: _ga Value: GA1.1.42287819.1734344258
.32828a.com/	1970-01-21 01:45:46	Name: __cf_bm Value: c9FXNkcpU1Hx6jfxtuvLGq1JYtdWCCZP9GGxa9eqwqw-1734344259-1.0.1.1-z8Cd5URab1tB1KUb_NxU5.CriB1l2FwCxGENT5nZJC4EQcp7OuarLriODDhOlVFQ5BGSmJFCi2Y0xmUaWNW1lA
.unogg168.web.id/	1970-01-21 03:55:20	Name: _fbp Value: fb.2.1734344265682.629455422804363964

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/digital_sans_ef_medium.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/glyphicons-halflings-regular.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/Gilroy-ExtraBold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/img/whatsapp.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/Open24DisplaySt.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/digital_sans_ef_medium.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/glyphicons-halflings-regular.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/fonts/Open24DisplaySt.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5006.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5009.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5008.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalbaccarat.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5013.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5014.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5027.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalroulette.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalsicbo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royal5boxbj.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/royalblackjack.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://line.ppprrp.com/global/files/images/2019102922541993154.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://line.ppprrp.com/global/files/images/2019102922495611028.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://line.ppprrp.com/global/files/images/2019102922452490974.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://line.ppprrp.com/global/files/images/2019091023314111296.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://line.ppprrp.com/global/files/images/2023032406015231827.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://line.ppprrp.com/global/files/images/2023032406002771377.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/dragonbonus.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5006.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5008.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	verbose	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/index.php Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5009.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5013.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5027.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/dekstop/5014.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.g500on.cfd.unogg168.web.id/session/online Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-egame-staging.sgplay.net
api.livechatinc.com
cdn.icon-icons.com
cdn.jsdelivr.net
cdn.livechatinc.com
connect.facebook.net
d1bnhxh1olb98c.cloudfront.net
d2rzzcn1jnr24x.cloudfront.net
dlntdk2it99.anhuidingyue.com
file.32828a.com
g500on.cfd
game.thbinn.online
gsmd.336699bet.com
img.qiangmingbao.net
img.viva88athenae.com
jp-api2.namesvr.dev
line.ppprrp.com
media.tenor.com
nx-cdn.trgwl.com
nx1.cdn2go.net
www.facebook.com
www.g500on.cfd.unogg168.web.id
www.google-analytics.com
www.googletagmanager.com
g500on.cfd
jp-api2.namesvr.dev
line.ppprrp.com
www.facebook.com
103.140.90.101
103.148.239.44
104.18.31.132
104.27.202.89
142.250.184.232
151.101.129.229
157.240.251.35
157.240.252.13
163.181.92.234
172.217.18.10
172.217.18.14
172.64.144.224
172.67.72.210
172.67.74.173
172.67.74.73
18.66.107.128
18.66.107.155
188.114.96.3
2.16.1.243
95.101.111.159
01afeb56aa9c9c193074fc792eece2e01c5220a6b38faedb91b9f92f5563efcf
0268b8e9d84e82e5e12508d8ee42bf87987cdbd4005286cd799fb6a72092c95c
027846113da10b1e0d593d8b0b43e63ff1ada1f037b6179aee49ccd252fc53db
0463efa6e6724ba9625efcfb1277cfde110e6be801211653c2afce0fb99b3344
0535dbaeea4ed88fbba3340cc4baee0375309e9d7abd4cc4358077123a413155
07d068e1d7f29844c5d285beabf1cd9aec0167d8531b123688adc35bef15aa06
08f01b7087decabdc413ec0b209d78fddf1542c4ee01e943b23e5cfa2126c2e7
09f43420ad7491870dc980c2ab7b56bb3c110f1e67c2da25f902130cc3446b37
09f77f8c57d107f06a4bc31e3e749fbe90d8ecb7c4e82b5fbd8e8fd3d3fb4fad
0b1040b4503c2191b346e3e9ae3a35ec8f6bdea62eb446e5f9aa5a556706e711
0b175c69392e9610594de0ab3c4fa3a9513313942f3a95245d24ff5c6ca6ce6d
0e50bc47c56ad5566f451b7f3f31a43b17b7702796283207452328cde81c6a31
0ebdf80237b424500a180e3e9545c1108c56611011ec54517bc92568eeb133c7
0f88784b349e4f6d9bf7a9c340582e80f3682f19f85a27d16687c4ff48e573c8
10b9fc7b56d813669663201100d63b37a8d057aad3fd0e3656d89447101fbdc0
112697936e5de4bf0340107c17b1a5f70d98562dfc3c5b72d45adb7772561cca
1381de4140f90dcd7c7e839383719ece1a256ae6d12e6c6e9da7fea650264847
14e4667fa31cc868619538a099a3d7399b9dcdbc5db99a19e5a56a38db81946c
1778a457a85c1e05e1a4906b5229bb42fb5471719652ceee81c34ff5c5010877
1a6b7c818e3421152237a822ce764553b21b8fcb8acf08d5caa4af6775bd2bb4
1b49ae06fe1ede83067c2a18db55b8e11d1c3bc3644170f0e97bb3041b29ad52
1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e
1c1783ab1e4056272d5f760b0273500921ae504e444215b704c8627f896d2bcf
1d9fbdfbb4d4b561511f16aa2b67a3b4ca2beb0d55daa958e29c4800faed1c37
220ff94f3bd512dfe3f4bbb44f7677067083e13680812b20f565b04359968a01
22f50308aeab20fc9a99de9f24614a4019e2547bc0ab3835cd6de47c682e2b9d
23944860300a6ddadf40365229ed9c8cdcef46e00118ea2f39e0ab8ca3ea4d4f
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
24ed87f4cbd36757e004a68209778835cdac1212ff483130797e6989e5fe0393
26abb6726ffd1034b4a16f36f30d6a8aeedfbdde786993e11405f694f5764fdc
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2da03dc2c83144a601ae50987e8e09e016a4a921167b755586ed421f767bf6fa
2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081
302f07a0c666aa1a497cdf887b675b36c8482cc42fda64b6e73af3511cc2220a
303f96fd1df1cd9293f918581c7423f617e638150340e0c16706155f55244f9d
32c29a7daeacb1f14ac3fef72a1ee4c80e1b86b3e8331f7f7b51b4bb957efdeb
3312944416b813b2b8dfb561ec10807ad4b840f38dbe565aaca087291fc6faff
332a837ede916219ee9bf2d600c6577f5f0f1db95dd8f9f53e762252f982c3b0
36a7fee233fdff4eb0e17782b44e69f31bc054cc75ce22a7e70c5fec3fe57898
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
3b19b8235dc776ab8c03cc035dde3d6c9a1e3f2154e07b47ce4a75173d8d97d4
3c534f17f7f6514855e3b8091e82f321c0cafd1a6ae77dc6ba8b39d80405a8db
3dd56684d034815f21c90c8839d7ad1e7c42e890ce658a2559fc32ee7e6d7094
3df9a31c64c787f9855f955ed75d6a1001dbf90ec66e6694a7678147f2bf5ede
418030ca862fa0e3341895241c578389ee9d74517a3615cf618d93381618f0f0
42f0b965c267c0c7f1c85f2d2933b3503d3fbd2941af0df89381b9d4bc8f370c
43fc54e989dc12d674a24cc5b1aaf0ee00129850b427f94146ccdb47e00a4900
4412698ddcc3c92787402e53649adc75e93bc40c9d3a18cacaa3449c5b03c237
474ac05ab8926870ec4fe034227e2e85fa05144f5e2393be074b3ccf663fb565
48047b0e5701a85c3fd43488f686c47b2a47b5a9e843b47f0367a8703c6e68ca
518876ee0bc7b4faff39a791f8002d590de00f36c1bc51448fbe76f89234bbfe
528f7fa864a82947b89c2af67290bdc7b54457a83ef89b5dea4e887820cb6b22
53ffd11d1e84e9d56b32c247aaa74ed0182a63e8a388b20d371ab5d106c9582a
5425605463d89fe30eb08c7b77fc73a86f5ecdbacf6be9c3fb96443be339d049
554a55ee4610693a930ca8af518ed0cf4281d8a458390f1e3f57c2e3472d154a
55f176c0cdf59b9f9b51893350da65675cb292b72f935a2012bd2183e54ed82f
56ad43e8fc2177c33b57e4d8a45e137965321f262fb90050bd5d69f2298c7a97
57f11ab0d9eff8be0726b35a3caf2682444d644529c20eb385f9f637b229949c
5a4b44f8323120e842da25e1c427d854f1288e75ea376cebfb7f81972c034209
5b8a16e418af08fe9fe916515e4a57c68413d3d3bf00b5db781bf00953f8c3b3
5fbdef4b06a2f251d6b53984888d52b3d0029c6d5ee2cf64939afd46fd2baea9
62299539accd8f5cc8f255194f97aa407f73f21f28aeccb1450b3344cf78a318
644da6a85bc4de667c5243374ccfd1730df89f1865dd5bf80ee53b884f69593d
66167e4db0571e18126951c8964c4e1233951450a3ad7a3491eceb4e0b1cd0e6
667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65
66a84eebf8d1f072d566e0d4d76dab431205e5135d5d3267c6c1d90a476de1a2
676d120d172dd00e4694ce12ddd396ab9441b0c3d26a66e6bfb8293e91d9cf96
67be67cc4fd9db44372239a8ea5fc07095722bafa29e57229ab20b7eebdb9d2a
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
6a894ca4eb98b94dd64c4932a00556251a255d1eb577880df7cd2a98e2cb1b72
6c8daef8e2635af89aa5651dfc84b1a2e2fd99455390da3850a32e0883d19e13
6e08483bc3be8ea7f9f047a74339d2ce41e15406b046a8aae565574de8e56313
6e43117ca573b423cc36d361a0eb652908f0af1a9532e4e2db658ee8edcbdf84
6e9105ca0c7775fcfd53e25f729cfd79f2f1b408bdf95ede483ee19a07d466f4
6f5c80e51bc7d6d64fb2495fec0e4062a83f3d6419074dd5f4a7493d574fc382
6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b
71dda9bc7e88b5dceef9edc6b222974508ab9b969995d8a1abdde6bf3aa110a1
74a8b1968bf8bca40ecfbf6549c6c399e3143e14d0024bffd51f4a4b04c5119d
77134f83a30c54d59ae478a3013c04a4dba1da5cdb043d7f6dc14464dceb8297
78c5d3f0c294936ebeb6bd9a5568a2ebd72736f7f51ae22eada200ca0c90b7fb
79128baddd2fe4050ff31895f49c53a89d5f6173f45fcd90f03e26c2940c1211
7a10c5720d463fab133069ca3b9cca667989feb341c55f901c7a67ba59f96372
7a52b02930abaec0471b8acf8833346c52d48c20666d8ed0c38d6178dcf58224
7bd28c513ad9c9826fcd23d2a06281ade00d9fbb55e939a902c9782101970097
7be6afef81567967cf4c8e76e17a809403187c2fc2c16c8c8f57bf555ec342b7
7c677bb947094453f01adc8c07141268f0118aeb353aea712372d885705a5183
7e6fb78523303040ab8969ff1ceb9fc7deb74782eb7f456462b54b3d82d0d47c
8005b566a540489858728150e487632846c78102509d4ee7c43e89db4b830b8f
807e231346e1868c244d20ec3ea698d7e2bb74bb83452822bd4cda6221ce80df
811073ac2db66bc94a606c0ea6f888a735674e97f4d3579cbfd22b1b683c6f9c
836aa8ae22eab52480fbdc25c22d11c98c6cb94ba2e56b2a2d40871888fd36ee
872509d28d0e980320423b89fb35ecacff81bb9be80889f2e0b280d51c82a604
88bd896be0a8ef0dd374f874cd4b1ca7ca9fc9beee4266c050ea9389a96ff0cf
89bf19455165ca0da37d00a9a7016ab19382df969f537c0267a5d83d340b032c
89ced59147d0e22f6e9c7d443b74087181faa8d7309fccab4875fdbc66fbfd7f
8dde4ad19297df0f45dbbfba91f5cc2286ced2bdc56728dc2b66550db7dc27c5
8e35251d6654086ffa067cde149a004bec4da189a792d43fa6b86569f032a5fb
92c789ee556c6356ddbea9d45bd7e7de3526b411bd73e95570d1e16c86fc6bc5
9438b3dd72954d1290759ed443bb4776bb3bec14316ab91a3b8b271e5c8a7b69
95c55f1d5a14dbe3af8deee6141fad2427c1ff40d69102c87c356eac134f5fb1
9ae511e09295907e7399387c5edb476c424d3778daa280ed39e4327ef030470c
9c2e164067aa0ae27eda68953a52b02f17869b82a5235c4843be53055948c902
9f1c9ffe5cdbba38a6790ba005d9d5c44aababef888407fe45f07f331ed36d53
a068e514fcff1a17cffbcaf54b1fac203ba9069f85e16e62da4abefee2a74460
a148a6403cfac93daca5103a58584b7373e4e532deec70f7d2a5fa8e7a068216
a190432e0e3a321ab8cf5d7f501c5b383fefe28c106635723ebf6f5fcf46b3f3
a4df6008aa45a797a041fff9daaede51e234b8460a7ef0607a962a6a9b2a3ca4
a4e9ed35971a5a6f28747146723405072f7958131afab41b8f77189879eb11a2
a75c741635aa16e2799fb448d78317358f52c25a23b01cc4926ca5dfa5576c6d
a84b9ef223533928ad19cf6ed510017edfffce1cb34c65b2d0efe58624be0d79
ac5fd7715aff3d238f458bb35c6fb19cb3ebe6bf524812fbd95f8f831441f5ad
acf935748f02b0d97aa902f5e319c42a7318b6aee5f6d2b3a0b91de533c76107
b3aa56fd6df7716aaf86dadb3bd94dad64f39f6eadc1df87edfcbe3b35ff2af2
b3ecc694b5b966a72e72f8046c55e942110f40317876e2327e8b61ce5f3f1559
b470ef5cfb211925bc35f55d5fa2a4b870e4f9667ed1340cc1254ef052d9e0a2
b517a438763c94ee49f6cd2164754137b4131999a48d5ea40a28f328195d4bae
b809d4ccaa869b336febfb09e60b7a4b1620a02b9f8846825aa1ad17e1c2550b
b8e4af26282183ff711a3df3f082b20122f55012424022a46d706e969e51e8fa
b9c7e7fec1cfea805dcd69a6f0478eab548addc1ac634f30873e07cab1d12970
ba68e8016b4b516172039894389bbc6e624607a69efc0c788f5fef8e080389ee
bd6176ed45d40b4a3014fda5fbb1ef2a5664e916f5708caf89878cd3ea863353
beb2de5e526219d206a738f00445c1ebbe673ec646453d4334bf7c8ef40cd34d
bf2b4d30d7baf33c46c34cfd7207634b96106c293da65cfa4ab47d851c01cef8
bfdfa71f660ce0d2661801bf59cab3f2948df1e24735f9d45933358d4fbd1192
c2c5d04eb7e176102414247143e08fe742d63ad2b1f83b7a3fd5f510825707d3
c2f0664f5df5358ec469df522b81e6098582c650361755985c0bf140e7ef8d4b
c2f72bf3463ea18fde96f022d0035462d75535d2cf61e2379ef50b284e72d11f
c4f7270079111bfd4aad32fa4361bbdd26f315f8ee62aea8182b1b7d5fdf7221
c7943f023102af18c12250036088dcefe1d5f955765972d1f2036acab523464f
ca09cb2945c25927ca7eeb061455a2919deeed00a43c4df561864900c279c40f
cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d
cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea
cdc8fae8291d737d559b642cd5c2db9f7cb6f16bde53fe7f33f7a64cfccd2f64
cdedd3079cda5eb76abdb54800b29dc21a24bbf688637fc45658dac7c86757e2
cedc45605094170cf6f90d6227d1816216504ad1ca8b26c38376ea61cab95010
d0fd921eb9cd4824e65f7d0fd2af8ba42595223a6c874534b94440670f89dd07
d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4
d7b97efc465acc2f757951556127a485b2d28aaee2692d45ad4ac4296af5960e
d8ac827a15bec9d27e6a0f660282b4d3c93b0cf0ceea44fdf260bfd9beb7b38c
d9af82474404ae999509960540473b4b6fe3499e715a4467b150e4f7ce008b82
da43eb7f461c7c6a0d8cca2812388191f25c5e2a0f236274fc1bab58e69f198c
dd914c1243e4b605038a9a6b5adfe387a3b5e97cdf4ae6e7996ad244b4405a4e
def4ce81ae76f3d11f3a12a52bf0f4c4536b37614bab2edce5d3eadc00c4a711
e0b33e2e32774c3daa96575b4d0b38fd679b17a1290cb046bc4a6ac107e26872
e1d6dc1fb1dce28020a92d2f89f93eaf0da3684614b1dc424a5771557e4f19e0
e2fad1f507ab29cbc17faa1416ed58ffb2a7d3a09efb9fbde5266789ddb30dff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eff9d210c9b8e2ab65d6d2eafab66dff7bd2c01a0c574133cea76ffb82e00d
e8cd5103b615b93e648e926dfe8d3fbc537becb73c9351ce2411498ad12db0b3
e9d9eeae9527a77a615148c782df998cca89ccd1b3a55eb758a04db4b9941fef
ea31676bac344318cee7d79160af2ff5d4e856c413fe63269b4234319149105e
ea37bf3e3d469a369e4a565577126849801d213e39e3640369f27c98bd7b8f2a
ec10b83050a6193164366aa440a5f8d6dac6043624f509acd528abc0d39ddae3
ec5e050cb8eafb6cac369481c6dc533083385616ce0d41656f4ad9034a4b4274
ed9904faa4096611159e2580d887f5d9c85f65cb82d0328ef6236c9076ef58d7
f2195a38a669d5ae41085e14e5260444b12685eaf30f154775dc757554cab7e5
f2ca0b5c1a3ee1ce3eb2ec0bec84a203b3e8b7ca38d564cae550e093622d35ef
f48fd820d2622a237cfd01d2643edd67b28dd2ff7b42b50ed4f2fc29575ed2b2
f7523659539bc3e77c2e9c5dd33ed8f56cdbb46ba282d955dd950258d3e1db7a
f7ab9c9a9999d06d05341d75f6f1b8e6f5e41c0becb44957ce917ef3485622c2
f8f6c0e5bfdaa8ce4d19aa327cc677a7514ea9c9c7a508ac74f7b8357b624599
f933f79a85c898d47d4679dbe3ca4cc8008c67c58731f91550b239c8c1781331
fbda67bc054eea92be5b5ddece23499b58f8a9936ee501912cd21b445df61ed6
fbef64d2867f18e33b9430b813ae93961ecf565dd5da9dfe7228907db9e63009
ffc3fccce1f26593d0d4cdb27d1038ad09f4ea2c98a42ceab81e78fca8082f60

www.g500on.cfd.unogg168.web.id Open in urlscan Pro 103.140.90.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

330 Requests

62 %HTTPS

0 %IPv6

22 Domains

24 Subdomains

20 IPs

6 Countries

8988 kBTransfer

16345 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.g500on.cfd.unogg168.web.id Open in urlscan Pro
103.140.90.101 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

62 %
HTTPS

0 %
IPv6

22
Domains

24
Subdomains

20
IPs

6
Countries

8988 kB
Transfer

16345 kB
Size

6
Cookies

330 HTTP transactions
0 data transactions