URL: https://telegram-bot.getzoot.us/
Submission: On November 27 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 45 IPs in 3 countries across 43 domains to perform 123 HTTP transactions. The main IP is 18.238.49.50, located in United States and belongs to AMAZON-02, US. The main domain is telegram-bot.getzoot.us.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 24th 2024. Valid for: a year.
This is the only time telegram-bot.getzoot.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Columns: redirects (only where present), requests, IP address, AS number (autonomous system)
42 18.238.49.50 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3.163.245.4 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
5 23.48.224.112 20940 (AKAMAI-AS...)
2 31.13.80.12 32934 (FACEBOOK)
1 151.101.129.140 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
5 35.190.43.134 15169 (GOOGLE)
2 31.13.80.36 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.86.110.8 396982 (GOOGLE-CL...)
7 54.87.35.102 14618 (AMAZON-AES)
4 18.233.92.127 14618 (AMAZON-AES)
1 2001:67c:4e8:... 62041 (Telegram ...)
3 108.138.128.29 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.207.36.173 14618 (AMAZON-AES)
2 52.23.143.117 14618 (AMAZON-AES)
4 52.73.245.201 14618 (AMAZON-AES)
2 44.195.212.175 14618 (AMAZON-AES)
3 54.191.83.64 16509 (AMAZON-02)
21 24 35.236.220.17 396982 (GOOGLE-CL...)
1 1 2600:9000:284... 16509 (AMAZON-02)
1 2 98.82.156.107 14618 (AMAZON-AES)
2 3 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 34.111.113.62 396982 (GOOGLE-CL...)
1 1 108.138.128.83 16509 (AMAZON-02)
1 1 2600:9000:21f... 16509 (AMAZON-02)
1 2 2600:9000:251... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.230 26558 (FREEWHEEL)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 1 2001:4998:14:... 14777 (YAHOO)
2 3 2001:4998:14:... 14777 (YAHOO)
1 2 50.16.197.56 14618 (AMAZON-AES)
1 3.213.29.127 14618 (AMAZON-AES)
1 23.47.69.85 16625 (AKAMAI-AS)
1 2 34.204.27.94 14618 (AMAZON-AES)
1 2 54.210.193.121 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 142.251.40.226 15169 (GOOGLE)
1 1 142.250.80.98 15169 (GOOGLE)
1 172.217.165.132 15169 (GOOGLE)
1 2 68.67.160.114 29990 (ASN-APPNEX)
1 69.173.146.5 26667 (RUBICONPR...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
2 2 142.250.65.162 15169 (GOOGLE)
Total: 123 requests, 45 IPs

Apex Domain (preceded by request count), Subdomains, Transfer
42 getzoot.us
telegram-bot.getzoot.us
3 MB
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
15 KB
23 enigmalakecasino.com
rgs.enigmalakecasino.com
auth.enigmalakecasino.com
wallet.enigmalakecasino.com
level-up.enigmalakecasino.com
store.enigmalakecasino.com
reward.enigmalakecasino.com
5 KB
6 amplitude.com
sr-client-cfg.amplitude.com — Cisco Umbrella Rank: 8479
api2.amplitude.com — Cisco Umbrella Rank: 1129
1 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 903
tr6.snapchat.com — Cisco Umbrella Rank: 1333
833 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
140 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
1 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
1 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
pbid.pro-market.net — Cisco Umbrella Rank: 9760
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
517 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
933 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
831 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 973
895 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
837 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1052
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
970 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
730 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
2 KB
2 radar.io
api.radar.io — Cisco Umbrella Rank: 6692
365 B
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5669
65 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2010
alb.reddit.com — Cisco Umbrella Rank: 1418
761 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
633 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 2213
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
653 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
551 B
1 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
761 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
175 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
544 B
1 telegram.org
telegram.org — Cisco Umbrella Rank: 10608
22 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1109
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
Total: 123 requests, 43 domains

Requests Domain Requested by
42 telegram-bot.getzoot.us telegram-bot.getzoot.us
24 um.simpli.fi 21 redirects
7 rgs.enigmalakecasino.com telegram-bot.getzoot.us
5 analytics.tiktok.com telegram-bot.getzoot.us
analytics.tiktok.com
4 store.enigmalakecasino.com telegram-bot.getzoot.us
4 wallet.enigmalakecasino.com telegram-bot.getzoot.us
4 auth.enigmalakecasino.com telegram-bot.getzoot.us
4 tr.snapchat.com sc-static.net
3 ups.analytics.yahoo.com 2 redirects
3 api2.amplitude.com telegram-bot.getzoot.us
3 sr-client-cfg.amplitude.com telegram-bot.getzoot.us
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.1rx.io 2 redirects
2 s.amazon-adsystem.com 1 redirects
2 reward.enigmalakecasino.com telegram-bot.getzoot.us
2 level-up.enigmalakecasino.com telegram-bot.getzoot.us
2 api.radar.io telegram-bot.getzoot.us
2 cdn.onesignal.com telegram-bot.getzoot.us
cdn.onesignal.com
2 www.google-analytics.com www.googletagmanager.com
2 www.facebook.com telegram-bot.getzoot.us
2 connect.facebook.net telegram-bot.getzoot.us
connect.facebook.net
2 www.redditstatic.com telegram-bot.getzoot.us
www.redditstatic.com
1 pixel.rubiconproject.com
1 www.google.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 pixel.tapad.com
1 simplifi.partners.tremorhub.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi tag.simpli.fi
1 telegram.org telegram-bot.getzoot.us
1 tag.simpli.fi telegram-bot.getzoot.us
1 tr6.snapchat.com sc-static.net
1 alb.reddit.com telegram-bot.getzoot.us
1 pixel-config.reddit.com www.redditstatic.com
1 sc-static.net telegram-bot.getzoot.us
1 www.googletagmanager.com telegram-bot.getzoot.us
Total: 123 requests, 57 subdomains

This site contains links to these domains.

Domain
support.getzoot.us
discord.gg

Subject | Issuer | Validity | Valid
*.telegram-bot.getzoot.us | Amazon RSA 2048 M02 | 2024-11-24 - 2025-12-23 | a year
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
sc-static.net | Amazon RSA 2048 M03 | 2024-11-20 - 2025-12-20 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-05 - 2024-12-04 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-23 - 2025-07-22 | a year
*.onesignal.com | WE1 | 2024-10-31 - 2025-01-29 | 3 months
*.simpli.fi | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-11-13 - 2025-12-14 | a year
*.enigmalakecasino.com | Amazon RSA 2048 M02 | 2024-01-19 - 2025-02-16 | a year
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2024-08-10 - 2025-09-11 | a year
sr-client-cfg.amplitude.com | Amazon RSA 2048 M02 | 2024-04-26 - 2025-05-25 | a year
radar.io | WE1 | 2024-10-01 - 2024-12-30 | 3 months
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2024-01-31 - 2025-03-02 | a year

This page contains 2 frames:

Primary Page: https://telegram-bot.getzoot.us/
Frame ID: 378123912A0BCB1289F5C2D914477D4C
Requests: 112 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=8ec5a36e-cc12-4448-92e7-3b2798fff243&u_scsid=b74d7b00-ff41-419b-9c39-d813c2871ca8&u_sclid=dfc0fe82-51ba-4c79-8bce-b4dfd0decaa5
Frame ID: EE5CF125CC3E5C22261DC5EDF4931925
Requests: 1 HTTP requests in this frame

Page Title

Zoot - Sweepstake Social Gaming

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

  • Requests: 123
  • HTTPS: 82 %
  • IPv6: 26 %
  • Domains: 43
  • Subdomains: 57
  • IPs: 45
  • Countries: 3
  • Transfer: 3976 kB
  • Size: 10832 kB
  • Cookies: 74

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent=&dcc=t
Request Chain 93
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://sync.1rx.io/usersync/simplifi/35CF1AFDCC2B491FA08E6907C197322C?zcc=1&cb=1732720326422 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c936eb4f-1f5f-4708-a57a-0ecb8aa7b3f4-005
Request Chain 94
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 95
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 96
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 97
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1732720320190&ip=162.245.206.246&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214190605079017970713 HTTP 302
  • https://um.simpli.fi/aa_px?sk=214190605079017970713 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 98
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C&ckls=true&ci=ScUcNTsO6c&nc=false&trid=341121643
Request Chain 99
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:35CF1AFDCC2B491FA08E6907C197322C
Request Chain 100
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 101
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=35CF1AFDCC2B491FA08E6907C197322C;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=35CF1AFDCC2B491FA08E6907C197322C;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-TDyyHrBE2pSfjSUDr_zJ8.AoIhPOQzYsXs4-~A
Request Chain 102
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0&xl8blockcheck=1
Request Chain 103
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C&verify=true
Request Chain 104
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 105
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 106
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C
Request Chain 107
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C&dnr=1
Request Chain 108
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=35CF1AFDCC2B491FA08E6907C197322C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMzVDRjFBRkRDQzJCNDkxRkEwOEU2OTA3QzE5NzMyMkMQABoNCMDtnLoGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595&expected_cookie=0d070452-dcd9-496a-9c87-7ddb3f1e0a3b
Request Chain 109
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732720319318&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMI3YeWmeb8iQMV4xOICR0r6DweMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3RlbGVncmFtLWJvdC5nZXR6b290LnVzLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMI3YeWmeb8iQMV4xOICR0r6DweMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3RlbGVncmFtLWJvdC5nZXR6b290LnVzLw&is_vtc=1&cid=CAQSGwCa7L7d1589dh14AQ5DJkfpo2JBKp5Y7u9Siw&random=985026531
Request Chain 111
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=35CF1AFDCC2B491FA08E6907C197322C HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D35CF1AFDCC2B491FA08E6907C197322C
Request Chain 112
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=35CF1AFDCC2B491FA08E6907C197322C&expires=365
Request Chain 113
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C&cc=1
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_error=15

123 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
telegram-bot.getzoot.us/
36 KB
10 KB
Document
General
Full URL
https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/ Next.js
Resource Hash
1e36b61e63a69448049579ae0cd7c53e9bd35f7aadf3a972b5ebc05849eaef68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 27 Nov 2024 15:11:56 GMT
etag
"17nh8jz7dxqsgw"
vary
Accept-Encoding
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
x-amz-cf-id
5tDCrItu9s3hQqaX1nRCsJbngRAzRfZwhRe17L9SIBxSi2GPTVKq-A==
x-amz-cf-pop
JFK52-P3
x-cache
Miss from cloudfront
x-powered-by
Next.js
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-303NNHXEN6
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a7848afa1330d6c9bfa6c172365903838dc78069cd6329d42ccb7713eb8b40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 15:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109696
x-xss-protection
0
server
Google Tag Manager
3f2d7d0c469e1046.css
telegram-bot.getzoot.us/_next/static/css/
86 KB
14 KB
Stylesheet
General
Full URL
https://telegram-bot.getzoot.us/_next/static/css/3f2d7d0c469e1046.css
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
c83a23e3ab1464dfa7b486fd10aab39ab178e68f7bfe58ce36103d2d98805aab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"491883ec2645c74ce614a6cd5b4e1ee1"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
fHHPKyquIRA1oIAVR3dskTwnFiqvvUFiJcC02X7dhg-4W3UyihKYRw==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
webpack-5b2e5c67ad87baf8.js
telegram-bot.getzoot.us/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/webpack-5b2e5c67ad87baf8.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
ab1cfc28bff5790ae155d7f14de7db11abcf99b4167b919072168e80ed275528

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"b62cfb203b2c97dfa128ba462b5f6e5b"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
WNikWhN9_a4XKyhJVmhWcQ8iIp1dTrcZCjiZExdWF0-KvCn8NelKrQ==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
framework-fe1bbc59a43cbe15.js
telegram-bot.getzoot.us/_next/static/chunks/
137 KB
42 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/framework-fe1bbc59a43cbe15.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
f64e22c653d617519d1a432f82ff7441395b57e84e19a82179e8ae1c8000506c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"6d38e76740d8bf2c4ae9b8ecd3331f3b"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Dk3taIcsx5tFndoPUruI8HtUsw-YX93dzwFvBfQ1YgoL8e5xIMlU7w==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
main-d08384e5210a4cff.js
telegram-bot.getzoot.us/_next/static/chunks/
123 KB
35 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/main-d08384e5210a4cff.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
8396c93c04cbdb050f158c1ea59949a21b6397f976039e2b702335c9029dde40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"6832a9586871c143c609a4aebc6a398a"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
9W8esnNwBEsQHrJY07L_4e9sZxYDy01QiFPAMK7jznMG_5S1kckjQA==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
_app-e5b0e88ab0373ebc.js
telegram-bot.getzoot.us/_next/static/chunks/pages/
7 MB
3 MB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
8b35ff683f157c9dbbfc1f693dd38d97740ca1e2c8098faac0f1a147315a073a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"50ebda7b60fe2bea490db314afae0de6"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Fh4Zpk6SPZRggIrmDxjpaUemeIRtpDBRxZJGrN6fpHOU8czL7Ta2gQ==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
4053-ad37d710e3a92c0a.js
telegram-bot.getzoot.us/_next/static/chunks/
79 KB
23 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/4053-ad37d710e3a92c0a.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
b181602adb198309c6adeab3134873eac9cc9d1bc0ad391de8b64696f8620b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"76005997e72e78e15025fa29a77c40ba"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
qWAqL-08Zykmz6neGiFnbiBRO_nqh1r24PZ-EjoNlG2Y2KPSMAbj4Q==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
8305-6768520e97a89c3a.js
telegram-bot.getzoot.us/_next/static/chunks/
42 KB
25 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/8305-6768520e97a89c3a.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
509c91550d95f660784edbbb99591dd3861aea5c7acc25a235b1c20583567a10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"0ba61896df950174c5cc92af95a9494a"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
x6zXMrfPyiL3oBBIpaF3p9PRaaP9yiLUymjlL0sQ51cIyEd-fkrz2Q==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
7025-ba77fa4b50c80caa.js
telegram-bot.getzoot.us/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/7025-ba77fa4b50c80caa.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
909fd952ee2f8375f718dd7b1ea8cbfdde7d4db3b69a6866e3864cb65539aa9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"c41b47dcb4aca6d34da3c6dafd8f0ddf"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
pGRpEAvTxsVuRJLaO6WgvzNd5sjMng4uTRZMegWAeE-Wt9P_l6PIvA==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
4445-15081d69236b39f4.js
telegram-bot.getzoot.us/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/4445-15081d69236b39f4.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
4dec061aef7fccabbb6fe5d6e351b0138a39518bb6536461518c5fd8ac8fa106

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"4234894339c2be3b59ec2452c5623fe9"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
ZSImHifR1W3UXex_giIHynUdf1DdL9IQjy7qyp6ry-Ik49lysT0oag==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
4970-d3cec7fbacc77f3e.js
telegram-bot.getzoot.us/_next/static/chunks/
9 KB
3 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/4970-d3cec7fbacc77f3e.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
df12e34512e4bafefe5e3955bc233f4de11893c75e0712fb062f7ae01748c261

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"dac9e2db302ac17234995304b5868d24"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
_bhOXrv2kG1-rfvB9EICwL9MeOUc-jZ9q3meCWljcMYQ2HRnG14KSw==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
5186-823c9cdf411a9117.js
telegram-bot.getzoot.us/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/5186-823c9cdf411a9117.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
2e8ec3162b1764f923d783726ff27fc7087ac6ba116004ad3294a3d9f08a7057

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"5fab7651b0c1aa32ad93c9f1ff4d5cb6"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
eG5JCEupEf8bAyIL--lAaXOyL4jZw1zUkaexdZr7bkOUkKHE8qVk2Q==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
8969-00519d551b5788b1.js
telegram-bot.getzoot.us/_next/static/chunks/
6 KB
2 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/8969-00519d551b5788b1.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
d46203229ce89e35550e1e33ab09f05b8c7533c4b344f78650e27f2306fe2601

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"4ece6023166c90adee40d00f19c07bf4"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
0dnC3Mt3yHv8ulRfiyTpCsC3TBa_X16S-ZmMEbhE1tLOTdw-XmByKQ==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
6498-f8017a2e5ed0e6f8.js
telegram-bot.getzoot.us/_next/static/chunks/
24 KB
8 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/6498-f8017a2e5ed0e6f8.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
85a4c1a3b0ee369def3c8744acb9c00f3ff5cc04bc215e4968a32b82d0da50c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"ce8d92f187e514df3a749d52f749cf0a"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
c20Ihho1b7OJam14p1FXkIfald-T499vEBzppTrAWXcXYrgy8mBRRg==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
index-e7730a2244b8147f.js
telegram-bot.getzoot.us/_next/static/chunks/pages/
2 KB
1 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/pages/index-e7730a2244b8147f.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
d7e8162afe84150afdc33c01418664c6c70cb69fb0174139c64c028e9bfa12e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"50bf9494aa2a63eea902e487c7491ada"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
SdeMODecaZdaX3yIxToo3wkUNnQREDW7bzW9Tp8nXaDMelRHEGs7rQ==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
_buildManifest.js
telegram-bot.getzoot.us/_next/static/mTcLEqAhuFD0lNKcapDkV/
5 KB
2 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/mTcLEqAhuFD0lNKcapDkV/_buildManifest.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
1b8cdfd5b62b170ac1f489ba68c3d32e64d4908eed272afa94314a2b3a9b18e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"cde3ec23f5134a40bb9ffe5305dd2a07"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
Yc4jiCWfQRBvXzt9DDzIL-ILaXctt_Y910p0-f1qsD22Ox2T_rCkow==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P3
_ssgManifest.js
telegram-bot.getzoot.us/_next/static/mTcLEqAhuFD0lNKcapDkV/
177 B
547 B
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/mTcLEqAhuFD0lNKcapDkV/_ssgManifest.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
1c60acc794f88dab172d6f8db8d1c7e44ed07e1d9ab1d1ffdba1bfffcbb643f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
etag
"9efce26d74a658d3b50aed99f7b8077c"
via
1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
177
x-amz-cf-id
VJp-luBQpJOOPOCiyEtPpMDw-RKl7AKdhoLm75_sA09A12PzDCFj-Q==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
x-amz-cf-pop
JFK52-P3
scevent.min.js
sc-static.net/
55 KB
24 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1e2e6fcdd7f9ebb38ef2e0d2aa2281029760d1dd587484afe27d3232f312b95d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 6e11af43b7d44f54f9a54c759c251f16.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23798
x-amz-cf-id
9Mg4X0nGknA5D7hThVbXElceW0ZU-LROF4iQFdlyM239hslrUL6cLQ==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
LAX50-P1
server
CloudFront
access-control-allow-headers
Content-Type
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Wed, 27 Nov 2024 15:11:56 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQVLU93C77U1RMG5AEB0&lib=ttq
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.112 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-224-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
72632191ef37b7a2d65ce91a0305aec5d7f6b894d66ef622fb45b2f04c08147c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
gzip
expires
Wed, 27 Nov 2024 15:11:56 GMT
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=11, origin; dur=38
x-cache
TCP_MISS from a23-195-36-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
2a88af9c
x-tt-trace-host
01517621e153f4e6597b2abfd402ed4ae59631bfe4cee39b5746c3adae943a05003e48c6f984c6f37e84837c837f99aa33b42e2b1e18a98ba2406027a50802d36e18a55f8b2d05878a5dbcc0307cdcdef8dd419186ac8a80354f23008827972100
x-origin-response-time
38,23.195.36.68
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24112715115627B11513B1C60CBBF9A1-1B0F7A3E77160A9C-00
content-length
2031
x-tt-logid
2024112715115627B11513B1C60CBBF9A1
server
nginx
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sbjGT6b0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sbjGT6b0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=132, rtx=0, c=24, mss=1232, tbw=8168, tp=13, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
pFdgAfHpuS5Z07wZt405ml+duT7gVCzlQbLQoqCftG21DYNAyDwwUfSi64kKfqr+h+2uFVmKf9hghQ12b1Ttug==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
config
pixel-config.reddit.com/pixels/a2_fhzpiu2tf92y/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_fhzpiu2tf92y/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/json
a2_fhzpiu2tf92y_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_fhzpiu2tf92y_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1732720316431&id=a2_fhzpiu2tf92y&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=af0b4a5a-3cea-49c2-a062-b9ea217c1b3c&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
image/gif
server
Varnish
8ec5a36e-cc12-4448-92e7-3b2798fff243.json
tr.snapchat.com/config/us/
209 B
498 B
Fetch
General
Full URL
https://tr.snapchat.com/config/us/8ec5a36e-cc12-4448-92e7-3b2798fff243.json?v=3.34.0-2411121854
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
d50343fadf10c087a2cbb26c568d603de76992670797524c7b355fc485daa1b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
41
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://telegram-bot.getzoot.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame EE5C
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=8ec5a36e-cc12-4448-92e7-3b2798fff243&u_scsid=b74d7b00-ff41-419b-9c39-d813c2871ca8&u_sclid=dfc0fe82-51ba-4c79-8bce-b4dfd0decaa5
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://telegram-bot.getzoot.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Wed, 27 Nov 2024 15:11:56 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
1
Inter-Regular.ttf
telegram-bot.getzoot.us/fonts/Inter/
303 KB
132 KB
Font
General
Full URL
https://telegram-bot.getzoot.us/fonts/Inter/Inter-Regular.ttf
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://telegram-bot.getzoot.us
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"079af0e2936ccb99b391ddc0bbb73dcb"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
I6izG0EOanlUfbMoLZySQnq3bsjA9O6NUotD8fYTByo1wHPZA7UV2g==
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
font/ttf
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
1032311905027771
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1032311905027771?v=2.9.176&r=stable&domain=telegram-bot.getzoot.us&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
6d38f3c2a9a566f74dfe985f5b0b737090548288da6ee06a160e5daef42b4d01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-d24JcMKl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-d24JcMKl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=133, rtx=0, c=80, mss=1232, tbw=74140, tp=71, tpl=0, uplat=65, ullat=0
pragma
public
x-fb-debug
kgImjchUYznzzM7Ctu6mcX+NQsld31oGRr5KGlAp2q4i7Qbw1xSfTD5HVV0/HPB1pfGUFkuvobTbflhxxWt3cw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
p
tr.snapchat.com/
0
244 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://telegram-bot.getzoot.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 27 Nov 2024 15:11:56 GMT
server
API Gateway
main.MTBlZWM4ZGM2MQ.js
analytics.tiktok.com/i18n/pixel/static/
350 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQVLU93C77U1RMG5AEB0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.112 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-224-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3606c679d28f0b91ff876c8648271304ae6d140b645f4e89fff5b7678b62d01d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-cache
TCP_HIT from a23-195-36-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=18
x-tt-trace-id
00-241126121511802DF0F9A3C0872C45C3-0BADD9093282EBCB-00
content-length
98606
date
Wed, 27 Nov 2024 15:11:56 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241126121511802DF0F9A3C0872C45C3
server
nginx
x-akamai-request-id
2a88b73b
x-tt-trace-host
01c35e1f401cb0e7ff134ca2d0fcda19f55893a152de8545ce7045d6e3cea6acf608eb0dcc864e214ff42cccb48b420a3db64ce07eb77e0f430ba5bf901c644147ef039903ffa801f03abf602a6d7ca60262e2a9b766e379b60f761ad8e63d3209
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1032311905027771&ev=PageView&dl=https%3A%2F%2Ftelegram-bot.getzoot.us%2F&rl=&if=false&ts=1732720316842&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732720316840.321949268294443379&ler=empty&cdl=API_unavailable&it=1732720316624&coo=false&rqm=GET
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=24, mss=1232, tbw=8217, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 27 Nov 2024 15:11:57 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1032311905027771&ev=PageView&dl=https%3A%2F%2Ftelegram-bot.getzoot.us%2F&rl=&if=false&ts=1732720316842&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732720316840.321949268294443379&ler=empty&cdl=API_unavailable&it=1732720316624&coo=false&rqm=FGET
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441977094982174794"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 15:11:57 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
6yGCYCUApk/P4+FcuU6eNZSaK1X5NnT5igaHS41xgUCvNloRCRwFz541UCMOBIuGluDLKPlW4uXXmEgUMLi+ng==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441977094982174794", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=24, mss=1232, tbw=8537, tp=16, tpl=0, uplat=71, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
p
tr6.snapchat.com/
0
45 B
Ping
General
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegram-bot.getzoot.us/

Response headers

via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 27 Nov 2024 15:11:56 GMT
x-envoy-upstream-service-time
0
server
API Gateway
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-303NNHXEN6&gtm=45je4bk0v9194103294za200&_p=1732720316177&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=323057854.1732720317&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732720317&sct=1&seg=0&dl=https%3A%2F%2Ftelegram-bot.getzoot.us%2F&dt=ZOOT%3A%20Play%20Free%20Crash%2C%20Plinko%2C%20Mines%2C%20and%20Dice%20Games%20for%20Cash%20Prizes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1428
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-303NNHXEN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://telegram-bot.getzoot.us
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:11:57 GMT
content-type
text/plain
server
Golfe2
p
tr.snapchat.com/
0
46 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://telegram-bot.getzoot.us
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 27 Nov 2024 15:11:57 GMT
server
API Gateway
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.112 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-224-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-cache
TCP_HIT from a23-195-36-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id
00-24111505023471184E5894DE981AFF75-254B9EF354E335B6-00
content-length
39341
date
Wed, 27 Nov 2024 15:11:57 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024111505023471184E5894DE981AFF75
server
nginx
x-akamai-request-id
2a88c471
x-tt-trace-host
019da7bd06e912e229762c12209c342f6f58e50ad7bb32fe20a2e042211cbf81b6167b1696ccc5587daa49b17901c60261589a5cb5b99f7bd0f7201fb25a01e22ad13c6208ed229f198109a7edd2b0f7be0e6bbceeeedb2517feb9edc4a5c7dd09
pixel
analytics.tiktok.com/api/v2/
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.112 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-224-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegram-bot.getzoot.us/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 27 Nov 2024 15:11:57 GMT
server-timing
inner; dur=88, cdn-cache; desc=MISS, edge; dur=6, origin; dur=121
x-cache
TCP_MISS from a23-195-36-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Wed, 27 Nov 2024 15:11:57 GMT
x-akamai-request-id
2a88c4c1
access-control-allow-headers
Authorization,*
x-tt-trace-host
01517621e153f4e6597b2abfd402ed4ae59631bfe4cee39b5746c3adae943a05008318506679e03379a5fe740035c49cd0b3ebe23d2c17b8d6d7850801e03056e3b766e46277c0bb68e339e7104aa0854a8b2550ae8d9d80a21448bdce593ba8e2
x-origin-response-time
121,23.195.36.68
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241127151157502AC594FDC611BBBE85-47330D504B001362-00
content-length
0
x-tt-logid
20241127151157502AC594FDC611BBBE85
server
nginx
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/
2 KB
1 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c621d6faf0b6eadeffbae8461aa4068441e9b10c4dad24671214ed7dea673923
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
content-encoding
br
cf-cache-status
HIT
etag
W/"bab14b8e01bcfe9f374e42aa0e03c113"
age
814
via
1.1 google
cf-ray
8e930dc4accef7cb-LAX
expires
Sat, 30 Nov 2024 15:11:58 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
OneSignal-Subscription-Id
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
2361.a5cddef15863fdc5.js
telegram-bot.getzoot.us/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/2361.a5cddef15863fdc5.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/webpack-5b2e5c67ad87baf8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
5b2c86852b771ada2a3e4e3246313b87062ca19a4917585d66f173b7223fbd3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"ce9c36f597ac52caac43583ba7362c1c"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
PhCicEeXSNihEhqTn0jO1l4zaDCU5cKtCKfPaj4B5s-Ye_Q2OM25BA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
text/javascript
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
cc7d24f2-d111-45a2-af07-dfe7db2424ea
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/cc7d24f2-d111-45a2-af07-dfe7db2424ea
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
c02cb17e42f5182e22904bae69d5adfd819b2c79184858ed0939cdfae14783a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-request-id
GAvb8wE1aY734SXtoW9C
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
act
analytics.tiktok.com/api/v2/pixel/
0
880 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.112 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-224-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegram-bot.getzoot.us/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 27 Nov 2024 15:11:58 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=17, origin; dur=155, inner; dur=152
x-cache
TCP_MISS from a23-195-36-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Wed, 27 Nov 2024 15:11:58 GMT
x-akamai-request-id
73b78bb9.2a88d328
access-control-allow-headers
Authorization,*
x-tt-trace-host
01517621e153f4e6597b2abfd402ed4ae5a3510ff8284388804972bf3276fe0f413ee8938f0c07a3d962dcc08e4e45b2e6fc10aefbda86a864608df0329d69d3b5f1824273c6a0bda8a45384a09c097ae89667f3b33e7c7a973555fd43579728167d7883407936ce7d7c8eeb13051a4118
x-origin-response-time
155,23.220.104.205
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241127151158472A9676083F3CE89DC1-12AFFC0254CB361F-00
content-length
0
x-parent-response-time
166,23.195.36.68
x-tt-logid
20241127151158472A9676083F3CE89DC1
server
nginx
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/ Frame
0
0
Preflight
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,user-authorization
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,user-authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:58 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
auth-guest
auth.enigmalakecasino.com/ Frame
0
0
Preflight
General
Full URL
https://auth.enigmalakecasino.com/auth-guest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.92.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-92-127.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:58 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
8474-86b378c220c176ba.js
telegram-bot.getzoot.us/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/8474-86b378c220c176ba.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/webpack-5b2e5c67ad87baf8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
50fac7cc87557c0f41784f3bfac466a955ed92944da843c01a64af2f9ff83c77

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"fbdc70eab02a9406fb189a42afe375bc"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
koQ4MXiD3xn-ch-j5lee_L5NqMsT-kitM1Nh-mG8Fmqp0dHx40H2-w==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
text/javascript
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
373.9b6d546d1ec0da66.js
telegram-bot.getzoot.us/_next/static/chunks/
107 KB
31 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/373.9b6d546d1ec0da66.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/webpack-5b2e5c67ad87baf8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
fe5c9d09a31d5dd2a51bdf4b6119b38b72ece62b9be341e05033fb7fad9ae2cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"da72b8c43388a76bf445d801ee4c21c8"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
xBSnIqH35bL5l6O3VWgqicI-rMsJYD8x0sGxyFbF3ywhY2vKAh__Yw==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
text/javascript
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
3962.2dbffb287980f116.js
telegram-bot.getzoot.us/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://telegram-bot.getzoot.us/_next/static/chunks/3962.2dbffb287980f116.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/webpack-5b2e5c67ad87baf8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
d6f020fec44443300143ec6714f483ed9b9e70ae647e4348cad5074f229d5fcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
br
etag
W/"5570d2955ab49680aaf22471f9c0d181"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
WEZlz9d5MokRG239EAcPG9zZShuPYTdpxN0Fg2qgyzXeQnYdhlSBNQ==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
text/javascript
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
getStories
telegram-bot.getzoot.us/api/
5 KB
2 KB
Fetch
General
Full URL
https://telegram-bot.getzoot.us/api/getStories
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
370e921b36c8fc08a311d6260fce1282736cc2c70a25eb5ba288edfb41f3d344

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-encoding
gzip
etag
"hvet5hw5gp3ot"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
4IFQSjUtSUvTwKgz3n-iAfZph__eWXOVNMCeLwIyUyr24irVyBsJmg==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
telegram-web-app.js
telegram.org/js/
106 KB
22 KB
Script
General
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"6739f222-1a916"
expires
Sun, 01 Dec 2024 15:11:58 GMT
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 13:39:46 GMT
server
nginx/1.18.0
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cbe2d6dafff1b040f1a1335e46d555381cbf0fd83046ba01dda237cd97a8e50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
config
sr-client-cfg.amplitude.com/
265 B
716 B
Fetch
General
Full URL
https://sr-client-cfg.amplitude.com/config?api_key=c7f5fce10056abbb44ec992985f75777&config_keys=sessionReplay&session_id=1732720318060
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-29.jfk50.r.cloudfront.net
Software
/
Resource Hash
cf6a5cfe750f2f9658cf02bf14b39715b9de116b58ef6c52bd6f56e19e7e2ce6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=60, s-maxage=60, stale-if-error=86400, stale-while-revalidate=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
via
1.1 0afec277ba3e75e96fa6b4c76d8e130c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
265
x-amz-cf-id
GdMPGuYdlo4r0J6VFmL-UEuoZ9oY6q6sOZLnmwvvx7ST-fIw7fsBbA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/json
x-amz-cf-pop
JFK50-P4
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/
9 B
163 B
XHR
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Authorization
Bearer no-access-token
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
9
date
Wed, 27 Nov 2024 15:11:58 GMT
etag
W/"9-PatfYBLj4Um1qTm5zrukoLhNyPU"
content-type
text/plain; charset=utf-8
x-powered-by
Express
auth-guest
auth.enigmalakecasino.com/
286 B
443 B
XHR
General
Full URL
https://auth.enigmalakecasino.com/auth-guest
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.92.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-92-127.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8745e48f7457acc518f4049989cdfc4b751c2f09c5b6b3b9367b0c927e3756e5

Request headers

Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
286
date
Wed, 27 Nov 2024 15:11:58 GMT
etag
W/"11e-WaecdEjTa4nXzfRL2LMn27sD5+o"
content-type
application/json; charset=utf-8
x-powered-by
Express
background.svg
telegram-bot.getzoot.us/svg/
2 KB
1011 B
Image
General
Full URL
https://telegram-bot.getzoot.us/svg/background.svg
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
ba8c86fb6b4989631cabc7ff653615e2e0bab4ff0be98e0dc8fdf8195947341a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"3969b5ac744c8ecccd7e42d91379f58c"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
FirM8MglMCIfjV736AjRvp76xoZ-CCGV9tu9dKIvcwGnnkaooJrTzg==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/svg+xml
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
Zoot_logo_full_SVG.svg
telegram-bot.getzoot.us/svg/logo/
1 KB
880 B
Image
General
Full URL
https://telegram-bot.getzoot.us/svg/logo/Zoot_logo_full_SVG.svg
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
3b8ffb4c6aaab9251a7a4018446683bbee001efaca1ebd2e8a4741f9e3cdca0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"38cf8905159183f3635554d5e2d81e6d"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
nGoYu2bQojjw_BFAlsmdtVazFjNsHbYp4B2Oq4lwCxJX0UhNolWrAQ==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/svg+xml
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
image
telegram-bot.getzoot.us/_next/
142 KB
143 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2FGames.webp&w=1920&q=70
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/main-d08384e5210a4cff.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
e1c442afb55abed29331458a088295400e7eabb2dffa9689cad789419f2520eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-amplify-optimized
true
cache-control
max-age=60, stale-while-revalidate
etag
102-EQl8AbzS4nwKGcdBtFCJ8J9B+hU
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
145662
x-amz-cf-id
dJIG0k0ihK3V1FmsfhvrT_oPnXVtuiGbXlukEJ17lLcprAAWTr7lQQ==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
image
telegram-bot.getzoot.us/_next/
36 KB
36 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2FGirl.webp&w=1920&q=75
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/main-d08384e5210a4cff.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
b7cc0b2f938cd424fb4c8a4bc827c59db6560a1ea81b37f6a55a61bd21976401

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=60, stale-while-revalidate
x-amplify-optimized
true
etag
101-CghucjJjs9wsb5ki39tS07xeK9c
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
36736
x-amz-cf-id
bXwvIjiIxxa_0vNmkLNVsLXtRMyf0G-FtnmRegHVrkz0lz2IgOYB3Q==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
config
api.radar.io/v1/
344 B
365 B
XHR
General
Full URL
https://api.radar.io/v1/config?deviceId=17b520bb-285e-4c15-84cb-25ed1c269347&installId=519305a3-93ac-4e19-a0df-cda4fc32b284&sessionId=1732720318&locationAuthorization=NOT_DETERMINED
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2474 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
692e66cc3093d92a8f802a8a55b13ffba48f9ac3c19b965eed6cc66a7ca06933

Request headers

X-Radar-SDK-Version
4.3.4
Authorization
prj_live_pk_8e29aaaadd3b7bf87969060e2462f0c6a3abfdc5
X-Radar-Device-Type
Web
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"158-SiT3zqFkQkXp69qm0BOvujJsYJg"
cf-ray
8e930dc838c32a86-LAX
access-control-allow-origin
https://telegram-bot.getzoot.us
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
cloudflare
config
api.radar.io/v1/ Frame
0
0
Preflight
General
Full URL
https://api.radar.io/v1/config?deviceId=17b520bb-285e-4c15-84cb-25ed1c269347&installId=519305a3-93ac-4e19-a0df-cda4fc32b284&sessionId=1732720318&locationAuthorization=NOT_DETERMINED
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2474 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-radar-device-type,x-radar-sdk-version
Access-Control-Request-Method
GET
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-radar-device-type,x-radar-sdk-version
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8e930dc73f752a86-LAX
date
Wed, 27 Nov 2024 15:11:58 GMT
server
cloudflare
vary
Access-Control-Request-Headers
x-powered-by
Express
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/
263 KB
63 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160204
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce9b5a668b125901362c53e5cfdb4eb9dda721b609f6d71d2eb4b17a4e4e7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
content-encoding
br
cf-cache-status
HIT
etag
W/"e46b99a45f77e5783a5a7de8b9fb7fcd"
age
1981
via
1.1 google
cf-ray
8e930dc62a1ff7cb-LAX
expires
Sat, 30 Nov 2024 15:11:58 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
OneSignal-Subscription-Id
cat-icon-just-dropped_back.webp
telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/
4 KB
4 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/cat-icon-just-dropped_back.webp
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
5ca5bab28b5e0ce04c1e3083ab3796f0a76421d169d5f67e9493148c1bc64403

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"8896e2db5b2487f41eea3462c7deff8b"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
3882
x-amz-cf-id
lVkqss1ypG-qaSEG2uegQQNEkifjcxoefq2NvE3AT0njFlKgGOgeWA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
x-amz-cf-pop
JFK52-P3
Games_ThumbNails_39_Basketball_Plinko_Small.png
telegram-bot.getzoot.us/game-thumbnails/mobile/
47 KB
48 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/game-thumbnails/mobile/Games_ThumbNails_39_Basketball_Plinko_Small.png
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
d02a0b7708cdbc110e185a2e5c82796aaa6649813de8201b796cda2329c3577f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"558a628890fc2d23d8a78f44eb221f02"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
48473
x-amz-cf-id
xUegiMgnCycmoqmAQ2sR9OOYVi2NBQckrqdn9hGn8BYFOcKR1i8rMA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/png
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
x-amz-cf-pop
JFK52-P3
cat-icon-just-dropped_outline.webp
telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/
648 B
945 B
Image
General
Full URL
https://telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/cat-icon-just-dropped_outline.webp
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
1d3d48e641ed1e4d66a36104e9019ef9c6efeded957e797751c8e393881f6b1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"f150262d288ef52dd35c146ef369c2a0"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
648
x-amz-cf-id
9m5naVxoxQ246EnjfufwlD8UJHsGJP95Y0ewOxTE4_LuBNdoklc_nQ==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
x-amz-cf-pop
JFK52-P3
new_badge.svg
telegram-bot.getzoot.us/svg/badges/
2 KB
1 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/svg/badges/new_badge.svg
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
32ad1e889151fb2eb23f1e0412879605fba2899fc01a3865388b99d1c1d96e6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"e4bf0621f0fe028f435ccb7bbf209ac9"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
FA4-4E8tD6HrMZBblqIvF_oC2DVfOFoRtcMg4TE46p2zpid7B2P2Qw==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/svg+xml
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
cat-icon-just-dropped_front.webp
telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/
2 KB
2 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/images/landing-page/featured-content-latest-game/cat-icon-just-dropped_front.webp
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
3ccd02d196dfd79d9e0450210cd6374ce60eb19f60ec982b784903d50f3b01da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"fc5993aaf7d0f5a6b2dde59dc4a16058"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
2096
x-amz-cf-id
QhYLutsJTsGe71Pnauof0yFBb6zami8W9YSCI2gH89H_MkPDwejgOA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
x-amz-cf-pop
JFK52-P3
quests.webp
telegram-bot.getzoot.us/images/landing-page/featured-content/
3 KB
3 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/images/landing-page/featured-content/quests.webp
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
be4eaa95508ddf91d45596739d725fe9154d199b5c0bdcef539f53495a15f4e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"85139c9e7f939e95ddf4349f7812c6b8"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
3122
x-amz-cf-id
z9aRm45czIWZVMsOrnnO6udCw4dN8bXbRh5JJ6806EJ2HISdhVKrQA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
x-amz-cf-pop
JFK52-P3
fc-dice.webp
telegram-bot.getzoot.us/images/landing-page/featured-content/
5 KB
5 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/images/landing-page/featured-content/fc-dice.webp
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
e544b8a575a522084830de320d2c1f56bd9cad9b953000be157d28e88c1621a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"7116d269e174a771856d05cae364dc2f"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
5254
x-amz-cf-id
FGiHyVdxj8OnjndVCezHYcJa0c3ZDNr3uLbXnDCY2d8ayt7_cSSSQg==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
last-modified
Wed, 27 Nov 2024 15:10:51 GMT
x-amz-cf-pop
JFK52-P3
Inter-SemiBold.ttf
telegram-bot.getzoot.us/fonts/Inter/
308 KB
142 KB
Font
General
Full URL
https://telegram-bot.getzoot.us/fonts/Inter/Inter-SemiBold.ttf
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
e8cbc2b88bc4268237ff5e251776d3c54edcb14e015a9e66e4883bde4b55f13f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://telegram-bot.getzoot.us
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"07a48beb92b401297a76ff9f6aedd0ed"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
sAAMCj-yvxfLojgu4-Dvo1Arun7jpK6hauCEYwZBNTAkMx7nWe7hSQ==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
font/ttf
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
image
telegram-bot.getzoot.us/_next/
810 B
1 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2Ficons%2Fben-icon-daily.webp&w=1920&q=75
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
abe2c7da56b1d8b19e47531c48dffbac0dd8d0cb29283fae667e18d6291b0d60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-amplify-optimized
true
cache-control
max-age=60, stale-while-revalidate
etag
111-fh8KkR4KmqW5UoFSvLFz5RDu9bo
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
810
x-amz-cf-id
eEjGYX--zUGuOjNhBOUi-rLeZf-DJiSxHuE_e0DjbimM_FldUGCt2Q==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
image
telegram-bot.getzoot.us/_next/
1 KB
1 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2Ficons%2Fben-icon-level.webp&w=1920&q=75
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
f01233b1b8116c4bd8a490b04e66fad094b6b1e741dc82dec537115ea102989d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=60, stale-while-revalidate
x-amplify-optimized
true
etag
111-EfePoIG4ibjXxHukOnwNvHt6vPc
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
1216
x-amz-cf-id
YM2H9KGZa5d4UBN2SDq-V4nkLVjKXcW3p6dTBb1gNNrLyKWsiktuRA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
image
telegram-bot.getzoot.us/_next/
774 B
1 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2Ficons%2Fben-icon-challenges.webp&w=1920&q=75
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
78bc691b42eaff9ba2915265659313d172a9eb489f84ff6dd5910bf83d657d10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-amplify-optimized
true
cache-control
max-age=60, stale-while-revalidate
etag
116-S8ul1pAgpUq3rMa52eZ8GtutamY
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
774
x-amz-cf-id
tBkGErv9GlRInDldAQs5uu8wHo_Uugn3b3jN7rIOenHzrPgc44Hc-A==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
image
telegram-bot.getzoot.us/_next/
730 B
1 KB
Image
General
Full URL
https://telegram-bot.getzoot.us/_next/image?url=%2Fimages%2Flanding-page%2Ficons%2Fben-icon-rtp.webp&w=1920&q=75
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
b0f76feb5b2534b314fb4719ebc7b2b78dc899f5e460efdfc7acc242ef74740b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

x-amplify-optimized
true
cache-control
max-age=60, stale-while-revalidate
etag
10f-j+5kxycNcA8tvyY7XJDCsoquWSk
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
730
x-amz-cf-id
tk1LwIxK1J-yzeYUJh1FNR1vWqoi5MnFsHZUDARygrnA-CXZ66Pkkw==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/webp
vary
Accept
x-amz-cf-pop
JFK52-P3
Inter-Bold.ttf
telegram-bot.getzoot.us/fonts/Inter/
309 KB
143 KB
Font
General
Full URL
https://telegram-bot.getzoot.us/fonts/Inter/Inter-Bold.ttf
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
790c108befe859dac2ddbd20af3fbb6917c601b3d544c8a05761519f3b5508fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://telegram-bot.getzoot.us
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
content-encoding
br
etag
W/"275bfea5dc74c33f51916fee80feae67"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
BTyx8K6g2eCS8mh4gjVZGm6KM_wvznXhwrL3mJcb_A57gmWLQMYSWw==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
font/ttf
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
config
sr-client-cfg.amplitude.com/
265 B
0
Fetch
General
Full URL
https://sr-client-cfg.amplitude.com/config?api_key=c7f5fce10056abbb44ec992985f75777&config_keys=sessionReplay&session_id=1732720318060
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-29.jfk50.r.cloudfront.net
Software
/
Resource Hash
cf6a5cfe750f2f9658cf02bf14b39715b9de116b58ef6c52bd6f56e19e7e2ce6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
public, max-age=60, s-maxage=60, stale-if-error=86400, stale-while-revalidate=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
via
1.1 0afec277ba3e75e96fa6b4c76d8e130c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
265
x-amz-cf-id
GdMPGuYdlo4r0J6VFmL-UEuoZ9oY6q6sOZLnmwvvx7ST-fIw7fsBbA==
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
application/json
x-amz-cf-pop
JFK50-P4
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
get-balance
wallet.enigmalakecasino.com/ Frame
0
0
Preflight
General
Full URL
https://wallet.enigmalakecasino.com/get-balance
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.36.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-36-173.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
get-balance
wallet.enigmalakecasino.com/
144 B
300 B
XHR
General
Full URL
https://wallet.enigmalakecasino.com/get-balance
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.36.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-36-173.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5d3eaf7280c218176574118f4741e8a1e5df4a2a29eb3896300da1110122bee0

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
144
date
Wed, 27 Nov 2024 15:12:02 GMT
etag
W/"90-M/2xac4ySOw3D7rkkawUKUrhj2o"
content-type
application/json; charset=utf-8
x-powered-by
Express
get-balance
wallet.enigmalakecasino.com/
152 B
308 B
XHR
General
Full URL
https://wallet.enigmalakecasino.com/get-balance
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.36.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-36-173.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ad41e725a7576861cc6ae4898092b7818c7b501e934e0823d4641ee448b89367

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
152
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"98-eJVEUr4E7vM9QONLK454Ak4u3rc"
content-type
application/json; charset=utf-8
x-powered-by
Express
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/
192 B
348 B
XHR
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f2126f20a76cd97acc850e3ccf7b33177227c6525dc0055142aba84b144c7114

Request headers

User-Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
192
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"c0-WvPMxIWz6uTLPs/fe7VMvi0Vcss"
content-type
application/json; charset=utf-8
x-powered-by
Express
56578
level-up.enigmalakecasino.com/user-overview/
341 B
500 B
XHR
General
Full URL
https://level-up.enigmalakecasino.com/user-overview/56578
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.143.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-143-117.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6e30ff29f6fb308f7cfd2c3dd57faea6b19d77c770e9a176f7a35eaa91c635a0

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-allow-origin
*
content-length
341
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"155-448UCGmfTtx05RJI+OP5X7q+dkw"
content-type
application/json; charset=utf-8
x-powered-by
Express
56578
store.enigmalakecasino.com/transaction-history/
25 B
181 B
XHR
General
Full URL
https://store.enigmalakecasino.com/transaction-history/56578
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.245.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-245-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e71c1499a3bd897b0ebe011fc9b4ede7e274b6187c54d01aa0118faa18a2ca54

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-allow-origin
*
content-length
25
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"19-tflS4+o6nSajjS8LTblEWYqU91U"
content-type
application/json; charset=utf-8
x-powered-by
Express
56578
reward.enigmalakecasino.com/offers/get-by-user-id/
13 B
169 B
XHR
General
Full URL
https://reward.enigmalakecasino.com/offers/get-by-user-id/56578
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.212.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-212-175.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8acca811dd3b09305760bae81d90cc79ffc5f4592c605d5d3d56e0d8b9363520

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-allow-origin
*
content-length
13
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"d-KgyGKpsvHfZLqby4ZS/d5XyKBpk"
content-type
application/json; charset=utf-8
x-powered-by
Express
56578
level-up.enigmalakecasino.com/user-overview/ Frame
0
0
Preflight
General
Full URL
https://level-up.enigmalakecasino.com/user-overview/56578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.143.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-143-117.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
56578
store.enigmalakecasino.com/transaction-history/ Frame
0
0
Preflight
General
Full URL
https://store.enigmalakecasino.com/transaction-history/56578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.245.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-245-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
56578
reward.enigmalakecasino.com/offers/get-by-user-id/ Frame
0
0
Preflight
General
Full URL
https://reward.enigmalakecasino.com/offers/get-by-user-id/56578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.212.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-212-175.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
httpapi
api2.amplitude.com/2/
94 B
218 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.191.83.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-83-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
5a9efec100431bc415873a79a4b2010f58dbc0df8d78389a3310b5fc4da03a6e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.191.83.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-83-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Wed, 27 Nov 2024 15:11:59 GMT
strict-transport-security
max-age=15768000
p
i.simpli.fi/
806 B
769 B
Script
General
Full URL
https://i.simpli.fi/p?cid=507130&cb=sifi_att_2304329797678._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/cc7d24f2-d111-45a2-af07-dfe7db2424ea
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
8c324a50bd78108c7a50b82e840ac5afaf51b7d1aa0166ce13e11b69f1cb915e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
auth-telegram
auth.enigmalakecasino.com/
227 B
383 B
XHR
General
Full URL
https://auth.enigmalakecasino.com/auth-telegram
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.92.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-92-127.compute-1.amazonaws.com
Software
/ Express
Resource Hash
739a03b4c7ce43f6d6360f4529cb3f16aa3c1806e9bb3d86d88a22a8cefa33c6

Request headers

Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
227
date
Wed, 27 Nov 2024 15:11:59 GMT
etag
W/"e3-UoKj48ge4+ogpK5iVq/0Enp49as"
content-type
application/json; charset=utf-8
x-powered-by
Express
auth-telegram
auth.enigmalakecasino.com/ Frame
0
0
Preflight
General
Full URL
https://auth.enigmalakecasino.com/auth-telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.92.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-92-127.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
favicon-32x32.png
telegram-bot.getzoot.us/favicon/
904 B
1 KB
Other
General
Full URL
https://telegram-bot.getzoot.us/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
408d7ae0d335a7132c8040e06ff86dbb025d07e3404be4309ce16df4f47a8fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"961c38406e2fade68cd072520958e6d5"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
904
x-amz-cf-id
xfWMnS1GK8Chf-Rxh1GofJtkhzsafx51rT2yo8SHleUDs7x6XJFhqA==
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
image/png
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
x-amz-cf-pop
JFK52-P3
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=35CF1AFDCC2B491FA08E6907C197322C
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent=&dcc=t
Protocol
HTTP/1.1
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
END2EFXJGT46AG38W112
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 27 Nov 2024 15:12:00 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=8c4e7df613&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
016HWJ5M5FN2C5SCXGV9
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 27 Nov 2024 15:12:00 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
RX-c936eb4f-1f5f-4708-a57a-0ecb8aa7b3f4-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/35CF1AFDCC2B491FA08E6907C197322C
  • https://sync.1rx.io/usersync/simplifi/35CF1AFDCC2B491FA08E6907C197322C?zcc=1&cb=1732720326422
  • https://sync.targeting.unrulymedia.com/csync/RX-c936eb4f-1f5f-4708-a57a-0ecb8aa7b3f4-005
43 B
378 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-c936eb4f-1f5f-4708-a57a-0ecb8aa7b3f4-005
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Wed, 27 Nov 2024 15:11:56 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-c936eb4f-1f5f-4708-a57a-0ecb8aa7b3f4-005
date
Wed, 27 Nov 2024 15:12:01 GMT
pragma
no-cache
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=7969&xuid=35CF1AFDCC2B491FA08E6907C197322C&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Wed, 27 Nov 2024 15:12:00 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=35CF1AFDCC2B491FA08E6907C197322C
43 B
175 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=35CF1AFDCC2B491FA08E6907C197322C
Protocol
H2
Server
2600:1f18:612b:4232:32bf:c12c:81c0:4994 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=35CF1AFDCC2B491FA08E6907C197322C
95 B
761 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=35CF1AFDCC2B491FA08E6907C197322C
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=35CF1AFDCC2B491FA08E6907C197322C
  • https://d.agkn.com/pixel/10751/?che=1732720320190&ip=162.245.206.246&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214190605079017970713
  • https://um.simpli.fi/aa_px?sk=214190605079017970713
  • https://um.simpli.fi/empty.gif
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C&ckls=true&ci=ScUcNTsO6c&nc=false&trid=341121643
43 B
1 KB
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C&ckls=true&ci=ScUcNTsO6c&nc=false&trid=341121643
Protocol
H2
Server
2600:9000:2512:fa00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
gNT5K0GKUmTaQ1rMmMzSV2G2dPyjNsqEaIj9FVSTa3xCZhcaDeTuYg==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=35CF1AFDCC2B491FA08E6907C197322C&ckls=true&ci=ScUcNTsO6c&nc=false&trid=341121643
pragma
no-cache
via
1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
2NPJJUyr9pgvsbTu94I9B5-tvOPqEwWxA6tGUbLNOkx4Q0ZgTIlhYA==
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:35CF1AFDCC2B491FA08E6907C197322C
42 B
551 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:35CF1AFDCC2B491FA08E6907C197322C
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 27 Nov 2024 15:11:58 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=35CF1AFDCC2B491FA08E6907C197322C
43 B
653 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=35CF1AFDCC2B491FA08E6907C197322C
Protocol
HTTP/1.1
Server
63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1732720320494067-290
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Wed, 27 Nov 2024 15:12:00 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=35CF1AFDCC2B491FA08E6907C197322C;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=35CF1AFDCC2B491FA08E6907C197322C;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-TDyyHrBE2pSfjSUDr_zJ8.AoIhPOQzYsXs4-~A
43 B
396 B
Image
General
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-TDyyHrBE2pSfjSUDr_zJ8.AoIhPOQzYsXs4-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
anserver
gapp3.c.datonics-gcp-01.internal
expires
Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin
*
alt-svc
clear
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
server
Apache-Coyote/1.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-TDyyHrBE2pSfjSUDr_zJ8.AoIhPOQzYsXs4-~A
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
text/html
server
ATS
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0&xl8blockcheck=1
0
775 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0&xl8blockcheck=1
Protocol
H2
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Wed, 27 Nov 2024 15:12:00 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=35CF1AFDCC2B491FA08E6907C197322C&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C&verify=true
0
123 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C&verify=true
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Wed, 27 Nov 2024 15:12:00 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=35CF1AFDCC2B491FA08E6907C197322C&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
text/html
server
ATS
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=35CF1AFDCC2B491FA08E6907C197322C
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=35CF1AFDCC2B491FA08E6907C197322C
Protocol
HTTP/1.1
Server
3.213.29.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-29-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

Date
Wed, 27 Nov 2024 15:11:59 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=35CF1AFDCC2B491FA08E6907C197322C
27 B
27 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=35CF1AFDCC2B491FA08E6907C197322C
Protocol
HTTP/1.1
Server
23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-69-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 27 Nov 2024 15:12:00 GMT
Content-Length
27
Date
Wed, 27 Nov 2024 15:12:00 GMT
AK-GRN
0.bd02c417.1732720320.19b5d908
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=35CF1AFDCC2B491FA08E6907C197322C
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=35CF1AFDCC2B491FA08E6907C197322C
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C
49 B
546 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C
Protocol
H2
Server
34.204.27.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-27-94.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
x-server
10.40.11.248
server
Jetty(9.4.38.v20210224)

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=35CF1AFDCC2B491FA08E6907C197322C
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Wed, 27 Nov 2024 15:12:00 GMT
x-server
10.40.52.132
server
Jetty(9.4.38.v20210224)
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C
  • https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C&dnr=1
43 B
511 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C&dnr=1
Protocol
H2
Server
54.210.193.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-193-121.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location
https://ce.lijit.com/merge?pid=2&3pid=35CF1AFDCC2B491FA08E6907C197322C&dnr=1
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 27 Nov 2024 15:12:00 GMT
vary
Accept-Encoding
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=35CF1AFDCC2B491FA08E6907C197322C
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMzVDRjFBRkRDQzJCNDkxRkEwOEU2OTA3QzE5NzMyMkMQABoNCMDtnLoGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595&expected_cookie=0d070452-dcd9-496a-9c87-7ddb3f1e0a3b
0
153 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595&expected_cookie=0d070452-dcd9-496a-9c87-7ddb3f1e0a3b
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 03812E9A46244135AA8EBED706A46A45 Ref B: LAXEDGE1614 Ref C: 2024-11-27T15:12:01Z
x-li-fabric
prod-lor1
x-li-uuid
AAYn5mM88dfO/JfUFBoqdg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 27 Nov 2024 15:12:00 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
/db_sync?pid=10339&puuid=f94e39d1763948dd0fcd7ffd0b0c6ddc9cba51de0d6b343561a58854e039607a791426b5417dce21&rand=06967595&expected_cookie=0d070452-dcd9-496a-9c87-7ddb3f1e0a3b
x-msedge-ref
Ref A: C44B677093334B4AAAF818EAFF78ECF0 Ref B: LAXEDGE1614 Ref C: 2024-11-27T15:12:00Z
x-li-fabric
prod-lor1
x-li-uuid
AAYn5mM49NBKvV3lvBjVAw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
x-li-source-fabric
prod-lva1
date
Wed, 27 Nov 2024 15:12:00 GMT
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732720319318&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBs...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMI3YeWmeb8iQMV4xOICR0r6DweMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3RlbGVncmFtLWJvdC5nZXR6b290LnVzLw&is_vtc=1&cid=CAQSGwCa7L7d1589dh14AQ5DJkfpo2JBKp5Y7u9Siw&random=985026531
Protocol
H3
Server
172.217.165.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 27 Nov 2024 15:12:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=829510122&cv=7&fst=1732720319318&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECCKXGsQI&pscrd=IhMI3YeWmeb8iQMV4xOICR0r6DweMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3RlbGVncmFtLWJvdC5nZXR6b290LnVzLw&is_vtc=1&cid=CAQSGwCa7L7d1589dh14AQ5DJkfpo2JBKp5Y7u9Siw&random=985026531
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Wed, 27 Nov 2024 15:12:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/
0
272 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=35CF1AFDCC2B491FA08E6907C197322C
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D35CF1AFDCC2B491FA08E6907C197322C
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D35CF1AFDCC2B491FA08E6907C197322C
Protocol
H2
Server
68.67.160.114 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.246; 162.245.206.246; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
8c6bd81c-7eb0-48c4-9c74-4e18d57a802f
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 27 Nov 2024 15:12:00 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D35CF1AFDCC2B491FA08E6907C197322C
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
162.245.206.246; 162.245.206.246; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
ac685878-b695-4a64-949e-e8df582898cf
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 27 Nov 2024 15:12:00 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=35CF1AFDCC2B491FA08E6907C197322C&expires=365
42 B
1 KB
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=35CF1AFDCC2B491FA08E6907C197322C&expires=365
Protocol
HTTP/1.1
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
944e95ee0f10c9f2b2e7c77cc54a9a4a
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=35CF1AFDCC2B491FA08E6907C197322C&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 26 Nov 2024 15:11:59 GMT
access-control-allow-origin
*
content-length
142
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C&cc=1
43 B
172 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C&cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
162.245.206.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=35CF1AFDCC2B491FA08E6907C197322C&cc=1
x-forwarded-for
162.245.206.246
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
OXGW/0.0.0
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_error=15
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=&google_error=15
Protocol
H2
Server
35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.220.236.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:12:00 GMT
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:12:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-cache, must-revalidate
location
https://um.simpli.fi/g_match?id=&google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
date
Wed, 27 Nov 2024 15:11:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
favicon-32x32.png
telegram-bot.getzoot.us/favicon/
904 B
0
Other
General
Full URL
https://telegram-bot.getzoot.us/favicon/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.49.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-50.jfk52.r.cloudfront.net
Software
/
Resource Hash
408d7ae0d335a7132c8040e06ff86dbb025d07e3404be4309ce16df4f47a8fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
max-age=5, stale-while-revalidate
etag
"961c38406e2fade68cd072520958e6d5"
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
904
x-amz-cf-id
xfWMnS1GK8Chf-Rxh1GofJtkhzsafx51rT2yo8SHleUDs7x6XJFhqA==
date
Wed, 27 Nov 2024 15:11:59 GMT
content-type
image/png
last-modified
Wed, 27 Nov 2024 15:10:50 GMT
x-amz-cf-pop
JFK52-P3
56578
store.enigmalakecasino.com/store-packages/
1 KB
1 KB
XHR
General
Full URL
https://store.enigmalakecasino.com/store-packages/56578
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.245.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-245-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash
a279da23c02524471b98f21af254922a5817ce4e173fb5767f9ee23ac1038119

Request headers

Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJNblkzYkRFNFozaGpNVGhuZUdOdmJ3PT0ifQ.9JVv6QHVxwCm1AvZ6x5FKJeawmbhfnVVAxQAsbcSqRw
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-allow-origin
*
content-length
1289
date
Wed, 27 Nov 2024 15:12:00 GMT
etag
W/"509-xSh4NoLginTM8clW2cuJ5x5PHKw"
content-type
application/json; charset=utf-8
x-powered-by
Express
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/
9 B
163 B
XHR
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Authorization
Bearer no-access-token
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
9
date
Wed, 27 Nov 2024 15:12:00 GMT
etag
W/"9-PatfYBLj4Um1qTm5zrukoLhNyPU"
content-type
text/plain; charset=utf-8
x-powered-by
Express
56578
store.enigmalakecasino.com/store-packages/ Frame
0
0
Preflight
General
Full URL
https://store.enigmalakecasino.com/store-packages/56578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.245.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-245-201.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:11:59 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
httpapi
api2.amplitude.com/2/
94 B
218 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.191.83.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-83-64.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3858942b79de8bd23d0c8e8c133c299c47ac19a82d3141ee82d8dc509a087624
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Wed, 27 Nov 2024 15:12:00 GMT
content-type
application/json
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-303NNHXEN6&gtm=45je4bk0v9194103294za200&_p=1732720316177&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=323057854.1732720317&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732720317&sct=1&seg=0&dl=https%3A%2F%2Ftelegram-bot.getzoot.us%2F&dt=ZOOT%3A%20Play%20Free%20Crash%2C%20Plinko%2C%20Mines%2C%20and%20Dice%20Games%20for%20Cash%20Prizes&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6445
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-303NNHXEN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://telegram-bot.getzoot.us/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://telegram-bot.getzoot.us
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:12:02 GMT
content-type
text/plain
server
Golfe2
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/
9 B
163 B
XHR
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Authorization
Bearer no-access-token
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
9
date
Wed, 27 Nov 2024 15:12:02 GMT
etag
W/"9-PatfYBLj4Um1qTm5zrukoLhNyPU"
content-type
text/plain; charset=utf-8
x-powered-by
Express
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/
9 B
163 B
XHR
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Requested by
Host: telegram-bot.getzoot.us
URL: https://telegram-bot.getzoot.us/_next/static/chunks/pages/_app-e5b0e88ab0373ebc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Authorization
Bearer no-access-token
Referer
https://telegram-bot.getzoot.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-allow-origin
*
content-length
9
date
Wed, 27 Nov 2024 15:12:06 GMT
etag
W/"9-PatfYBLj4Um1qTm5zrukoLhNyPU"
content-type
text/plain; charset=utf-8
x-powered-by
Express
retrieve-play-limits-configuration
rgs.enigmalakecasino.com/ Frame
0
0
Preflight
General
Full URL
https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.35.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-35-102.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,user-authorization
Access-Control-Request-Method
POST
Origin
https://telegram-bot.getzoot.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,user-authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Wed, 27 Nov 2024 15:12:06 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
function| snaptr
object| r
function| rdt
string| TiktokAnalyticsObject
object| ttq
function| fbq
function| _fbq
function| redditNormalizeEmail
object| _scPxHelper
object| _scPxTeller
object| webpackChunk_N_E
function| __next_set_public_path__
object| next
object| __NEXT_DATA__
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| _N_E
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly
object| _jelly_sdks
function| __NEXT_PRELOADREADY
function| OneSignalDeferred
function| HowlerGlobal
object| Howler
function| Howl
function| Sound
object| __MIDDLEWARE_MATCHERS
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
object| analyticsConnectorInstances
object| sifi_att_2304329797678
number| __oneSignalSdkLoadCount
function| OneSignal
object| Telegram
function| TelegramGameProxy_receiveEvent
object| TelegramGameProxy

74 Cookies


6 Console Messages

Source Level URL
Text
network error URL: https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://auth.enigmalakecasino.com/auth-telegram
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://stags.bluekai.com/site/29931?id=35CF1AFDCC2B491FA08E6907C197322C
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://rgs.enigmalakecasino.com/retrieve-play-limits-configuration
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
