grandwin189ss.vip Open in urlscan Pro
162.0.222.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://grandwin189ss.vip/
Effective URL:
https://grandwin189ss.vip/dekstop/index.php
Submission: On August 04 via api (August 4th 2024, 12:18:32 pm UTC) from US — Scanned from US

Summary HTTP 261 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 25 domains to perform 261 HTTP transactions. The main IP is 162.0.222.252, located in Lebanon, United States and belongs to NAMECHEAP-NET, US. The main domain is grandwin189ss.vip.
TLS certificate: Issued by E6 on August 3rd 2024. Valid for: 3 months.

This is the only time grandwin189ss.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	162.0.222.252 162.0.222.252	22612 (NAMECHEAP...) (NAMECHEAP-NET)
150	2606:4700:440... 2606:4700:4400::ac40:9ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	18.238.80.114 18.238.80.114	16509 (AMAZON-02) (AMAZON-02)
2	91.195.240.123 91.195.240.123	47846 (SEDO-AS) (SEDO-AS)
1	2607:f8b0:400... 2607:f8b0:400d:c02::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.222.79.162 23.222.79.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.128.134.25 3.128.134.25	16509 (AMAZON-02) (AMAZON-02)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
3	108.138.85.101 108.138.85.101	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.38.113.3 54.38.113.3	16276 (OVH) (OVH)
3 5	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
2 2	172.217.222.156 172.217.222.156	15169 (GOOGLE) (GOOGLE)
1	23.222.79.232 23.222.79.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.48.203.105 23.48.203.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	23.220.132.230 23.220.132.230	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	54.84.119.200 54.84.119.200	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	23.48.203.112 23.48.203.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.209.253.154 18.209.253.154	14618 (AMAZON-AES) (AMAZON-AES)
261	27

40 162.0.222.252 (Lebanon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.trezor.page

grandwin189ss.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

150 2606:4700:4400::ac40:9ac7 (United States)

ASN13335 (CLOUDFLARENET, US)

images.linkcdn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.238.80.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-114.jfk52.r.cloudfront.net

nh162r8lww.wudftnbdmd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.195.240.123 (Germany)

ASN47846 (SEDO-AS, DE)

kaisar303top.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.79.162 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-79-162.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.128.134.25 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-134-25.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.85.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-101.iad12.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.113.3 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: falcon-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.197.192.192 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.79.232 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-79-232.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.203.105 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-105.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.22 (United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.84.119.200 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-119-200.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.87 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.203.112 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-112.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.253.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-253-154.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
150	linkcdn.cloud images.linkcdn.cloud — Cisco Umbrella Rank: 19249	2 MB
40	grandwin189ss.vip grandwin189ss.vip	2 MB
30	wudftnbdmd.net nh162r8lww.wudftnbdmd.net — Cisco Umbrella Rank: 323052	4 MB
5	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1596	3 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	4 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	21 KB
4	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 30000 t.sharethis.com — Cisco Umbrella Rank: 7974	5 KB
4	gstatic.com fonts.gstatic.com	40 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 12931	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 23691 dp1.33across.com — Cisco Umbrella Rank: 7472	1 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 18487 ic.tynt.com — Cisco Umbrella Rank: 15045 de.tynt.com — Cisco Umbrella Rank: 2349	9 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 8004 t.dtscout.com — Cisco Umbrella Rank: 6811	4 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669	879 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 363	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3463	800 B
2	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 6153	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 6836 s4.histats.com — Cisco Umbrella Rank: 6819	5 KB
2	kaisar303top.top kaisar303top.top	67 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 689	439 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1219
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 7251	602 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
0	krxd.net Failed usermatch.krxd.net Failed
0	borneo138.xyz Failed borneo138.xyz Failed
261	25

	Domain	Requested by
150	images.linkcdn.cloud	grandwin189ss.vip
40	grandwin189ss.vip	grandwin189ss.vip
30	nh162r8lww.wudftnbdmd.net	grandwin189ss.vip
5	ps.eyeota.net	3 redirects grandwin189ss.vip
4	secure.adnxs.com	3 redirects grandwin189ss.vip
4	fonts.gstatic.com	fonts.googleapis.com
3	map.go.affec.tv	2 redirects grandwin189ss.vip
3	match.adsrvr.org	3 redirects
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
2	px.ads.linkedin.com	1 redirects grandwin189ss.vip
2	dp2.33across.com	2 redirects
2	t.sharethis.com	pd.sharethis.com t.sharethis.com
2	cm.g.doubleclick.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	pd.sharethis.com	e.dtscout.com grandwin189ss.vip
2	pxdrop.lijit.com	e.dtscout.com pxdrop.lijit.com
2	t.dtscout.com	e.dtscout.com
2	kaisar303top.top	grandwin189ss.vip
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	dp1.33across.com	1 redirects
1	idsync.rlcdn.com	grandwin189ss.vip
1	tags.bluekai.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	t.dtscdn.com	e.dtscout.com
1	ic.tynt.com	grandwin189ss.vip
1	cdn.tynt.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	grandwin189ss.vip
1	fonts.googleapis.com	grandwin189ss.vip
0	usermatch.krxd.net Failed	grandwin189ss.vip
0	borneo138.xyz Failed	grandwin189ss.vip
261	32

This site contains links to these domains. Also see Links.

Domain
apps.freshapp.top
wa.me
direct.lc.chat
api.whatsapp.com

Subject Issuer	Validity	Valid
grandwin189ss.vip E6	`2024-08-03` - `2024-11-01`	3 months	crt.sh
linkcdn.cloud WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
zcmixsinxu.net Amazon RSA 2048 M03	`2024-07-24` - `2025-08-22`	a year	crt.sh
kaisar303top.top Encryption Everywhere DV TLS CA - G2	`2024-05-25` - `2025-05-24`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
s10.histats.com E5	`2024-06-09` - `2024-09-07`	3 months	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
dtscout.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
cert2-prod.aut.a24365.net R11	`2024-07-26` - `2024-10-24`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
cert1-prod.aut.a24365.net R10	`2024-08-02` - `2024-10-31`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://grandwin189ss.vip/dekstop/index.php
Frame ID: B0FC461392BB11CB3A18296DED0F133B
Requests: 257 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001722773902C5ADF6888CD5A3D280
Frame ID: 76F5C2668CFCFA4FEADEC28B3DED1836
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1497.794&cid=c026&cls=sync
Frame ID: D445828CB5A8FAEAF16EC8945D76E9F5
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212748806079742&ret=html&random=1722773903
Frame ID: 5F88EBD5B5106EB88C17B302166DE109
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1497.23400&cid=c010&cls=C
Frame ID: 6BE495BE308C007FFC15F3EAE9155E3E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 14F5A653D9893116D633C03C0F16AF09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GRANDWIN189 Mainkan game terbaik yang di sediakan oleh slot thailand dengan permainan seru dan cashback, serta bonus 80% untuk new member. Nikmati game judi online slot gacor bersama situs slot thaila

Page URL History Show full URLs

https://grandwin189ss.vip/ Page URL
https://grandwin189ss.vip/dekstop/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

95 %
HTTPS

26 %
IPv6

25
Domains

32
Subdomains

27
IPs

5
Countries

9287 kB
Transfer

10654 kB
Size

100
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.freshapp.top/KAISAR303.apk

Search URL Search Domain Scan URL

URL: https://wa.me/620
Title: 620

Search URL Search Domain Scan URL

URL: https://direct.lc.chat///
Title: Live Chat

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=&text=Hallo.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://grandwin189ss.vip/ Page URL
https://grandwin189ss.vip/dekstop/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 244

https://pixel.onaudience.com/?partner=137085098&mapped=6D001722773902C5ADF6888CD5A3D280 HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=0926c32a5d118202 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Ml9DM1ZvQWVBM3JHNzVIelRmb3VjN2dlT3FaZUxxcDlQSmhOSlRzQzIyX1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Ml9DM1ZvQWVBM3JHNzVIelRmb3VjN2dlT3FaZUxxcDlQSmhOSlRzQzIyX1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEGn3Rsz5k2ptpN_hLRPGBO4&google_cver=1

Request Chain 249

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1722773903293.6 HTTP 302
https://tags.bluekai.com/site/27519?id=212748806079742&ret=html&random=1722773903

Request Chain 250

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1722773903293.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1722773903293.1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=41dcb0d9-2068-47aa-9f9b-7c57ebb0fa40&bid=1e2n4ou

Request Chain 251

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2&expected_cookie=aa210e72-0501-4cc4-86fc-f1350d66c58a

Request Chain 252

https://map.go.affec.tv/map/3a/?pid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&ts=1722773903293.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66af718ffb1b0600017d330c%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D66af718ffb1b0600017d330c%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/6592763482150600026?ch=66af718ffb1b0600017d330c&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/a32b7d58-7c66-4c64-96f2-d1322fffcb81?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 253

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a32b7d58-7c66-4c64-96f2-d1322fffcb81&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad

Request Chain 254

https://dp2.33across.com/ps/?pid=1205&rand=1722773903293.5 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212727678389025

Request Chain 255

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.7&pu=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212727652623561&seg_code=33x&random=1722773903 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212727652623561%26seg_code%3D33x%26random%3D1722773903

261 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
grandwin189ss.vip/ 4 KB
2 KB 312ms
103ms Document
text/html 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1569
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 12:18:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 Primary Request index.php Show response
grandwin189ss.vip/dekstop/ 120 KB
13 KB 99ms
99ms Document
text/html 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/index.php
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 86664a77da8b3ccad854b3a6bb20e20dbb02d6200df42c32d14ea6dd4326ed23

Request headers

Referer: https://grandwin189ss.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 12:18:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H3 200 fa-solid-900.woff2
grandwin189ss.vip/dekstop/themes/default/font/font-awesome/webfonts/ 78 KB
79 KB 96ms
96ms Font
font/woff2 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/font/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "139ac-667528a8-320cba;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 80300
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 fa-brands-400.woff2
grandwin189ss.vip/dekstop/themes/default/font/font-awesome/webfonts/ 77 KB
77 KB 237ms
236ms Font
font/woff2 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/font/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "1327c-667528a8-320cbb;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 78460
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 global.css
grandwin189ss.vip/dekstop/themes/default/css/ 196 KB
27 KB 98ms
97ms Stylesheet
text/css 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/css/global.css
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 4adbd8db4c67b643fd261f8bbb37942f3328504cdbafc166cd95260609c22ab6

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "30e7d-667528a8-320cae;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 27776
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 all.min.css
grandwin189ss.vip/dekstop/themes/default/font/font-awesome/css/ 58 KB
12 KB 215ms
214ms Stylesheet
text/css 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/font/font-awesome/css/all.min.css
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 07:51:42 GMT
server: LiteSpeed
etag: "e7d4-667a770e-320cb7;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12374
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 w4nspoke.css
grandwin189ss.vip/dekstop/themes/default/css/ 3 KB
977 B 217ms
216ms Stylesheet
text/css 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/css/w4nspoke.css
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 2cda3e85cf85945a46d126c78bb51ab4832a2f2feb6e6e96b02d8d60acc85f0c

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 19:20:52 GMT
server: LiteSpeed
etag: "dc3-667b1894-320cb0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 911
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 style.css
grandwin189ss.vip/dekstop/duka/costum/css/ 163 KB
18 KB 217ms
216ms Stylesheet
text/css 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/duka/costum/css/style.css
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 456f48f55fb7c7b11ce3754c93240a7a293e5d2a1320a8f2fe1813a987531260

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Tue, 02 Jul 2024 14:42:52 GMT
server: LiteSpeed
etag: "28cf3-668411ec-320c13;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18466
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 custom.css
grandwin189ss.vip/dekstop/themes/default/sass/ 25 KB
4 KB 228ms
227ms Stylesheet
text/css 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/sass/custom.css
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: edc8c41f712e07e786ab5fc9c11be270486a9a3d5d8235cbd174da15c608ec96

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2024 07:51:22 GMT
server: LiteSpeed
etag: "62b0-667a76fa-341c01;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4507
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 668c4af518401.png
grandwin189ss.vip/assets/img/ 35 KB
35 KB 399ms
398ms Image
image/png 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/668c4af518401.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 926e4c0bd035c11a249776f4331c0f06a4263131dda635e230c2bfc584e327e2

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
last-modified: Mon, 08 Jul 2024 20:24:21 GMT
server: LiteSpeed
etag: "8bc4-668c4af5-30138e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35780
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 home.svg
grandwin189ss.vip/assets/img/navigation/ 82 KB
21 KB 399ms
398ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/home.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 4d5dabc04915758eac5417b8dc6e57a570b9068e560f143423bcb972df740ea5

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:30 GMT
server: LiteSpeed
etag: "14659-6679dd42-3013b8;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 20897
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H3 200 slot.svg
grandwin189ss.vip/assets/img/navigation/ 20 KB
6 KB 384ms
382ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/slot.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: de73962d3088a790a69647f591075331eb8890299ebb0f0592776898ff37e929

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:20 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:32 GMT
server: LiteSpeed
etag: "5003-6679dd44-3013c0;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5897
expires: Sun, 11 Aug 2024 12:18:20 GMT

GET
H2 200 aisg.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 11 KB
11 KB 182ms
44ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/aisg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e5bc851f8c1f0f11d244ed331972ed7ef11247ebb99300b3173bfb840212b8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 10:20:22 GMT
server: cloudflare
age: 6916955
etag: "2f2222022082f1ae7e983f7a2d60d99f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3a961a-MIA
content-length: 10964
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 maintenance_logo.png
images.linkcdn.cloud/global/nav-addons/ 4 KB
5 KB 183ms
45ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/nav-addons/maintenance_logo.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ecf7f9c0f111de3ee0a86b18ea7756c79bb7b67b871e9e03814420d94383fa

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13717701
cf-polished: origFmt=png, origSize=5284
content-disposition: inline; filename="maintenance_logo.webp"
content-length: 4410
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 Mar 2021 10:16:34 GMT
server: cloudflare
etag: "447dd8b24767b5e623d5717fde197100"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3e961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pra.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 182ms
44ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/pra.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95f05da1bb83176a8560dfc6de751b1346e9d99789aa10008d4d7a87696852a

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 13717609
etag: "c50ec64af6b954f9a629f48ae64bbbc6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3d961a-MIA
content-length: 9990
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pgs.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 183ms
45ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/pgs.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d4a3e804403131de5d4943af9428f66431d702079f15b9f860fce84327a878

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:11:28 GMT
server: cloudflare
age: 13721745
etag: "5cb6170f3470be48b3853bc9c36df307"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3c961a-MIA
content-length: 9756
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fsp.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 11 KB
11 KB 176ms
39ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/fsp.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1a6e61731f8404c41ce89bd29c19208536c9e41764c69370c8a11e6775eba2

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Sun, 26 Jun 2022 08:30:34 GMT
server: cloudflare
age: 13712148
etag: "dfa7cd15f4c4470a3bf28e3d3798cb8f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3b961a-MIA
content-length: 11212
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spd.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 9 KB
9 KB 180ms
43ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/spd.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4635fb95f670026ef456ae440b235287e2293c64f0e544692cbf071fcb573f85

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 13721745
etag: "8826ce40ef1f66c75c447e5aa6bae150"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d51ce3f961a-MIA
content-length: 9358
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 nlc.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 5 KB
5 KB 52ms
44ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/nlc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d1695096030bfc6da1ef37199fe63f50c9ecceafbda93a6b6c4b5c6093c88b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 08:04:40 GMT
server: cloudflare
age: 2713996
etag: "c68ca49854b1ebe7c05486f1f6d65b61"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e5a961a-MIA
content-length: 5260
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 mic.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 9 KB
9 KB 47ms
39ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/mic.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7652f22a85db4df8a3a85524a15ff9298abdb1204112f0b704b44d86ee73abe0

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 2713996
etag: "8be236091b69cf2463e59f5916a7bb16"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e5b961a-MIA
content-length: 9308
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 nex.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 8 KB
8 KB 51ms
42ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/nex.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707f18d5e16477e924a21ab5fef6af47e7641894b470c726798a4f1b7106fd0

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 06:32:16 GMT
server: cloudflare
age: 2713996
etag: "c3ad7438850522ad2f2acbb024b5f725"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e5c961a-MIA
content-length: 7720
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 new_icon.webp
images.linkcdn.cloud/global/nav-addons/ 2 KB
3 KB 48ms
40ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/nav-addons/new_icon.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579317389d3028a5db0e25148c552c8eacb0603d9047d1fda8d2a6e0244abe5b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 10:47:10 GMT
server: cloudflare
age: 1013078
etag: "ba53e66bc9f1739284324a3fe5e11df8"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e5d961a-MIA
content-length: 2504
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pls.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 8 KB
8 KB 85ms
76ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/pls.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfac2cbf35977c380a0a4d5b5ad1bf96149317cb65d23a7334f8e002466a1744

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 11:26:11 GMT
server: cloudflare
age: 1455632
etag: "ac84987277e2eb5df2b23123f4a4c3d5"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e5f961a-MIA
content-length: 8066
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jli.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 5 KB
5 KB 49ms
40ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/jli.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a94e745d0611fcd224035b5b54a58c017de34677d3362ea364e365c9bd45d8e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 03:15:41 GMT
server: cloudflare
age: 9458613
etag: "b984a5ac34788c64bf41a61e845d7016"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e60961a-MIA
content-length: 4628
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hcg.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 11 KB
11 KB 49ms
41ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/hcg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d17326604cbfd27b5b1ef8e225d73ac04e1e226ad7bff14f68cde663f85d7b02

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 09:00:36 GMT
server: cloudflare
age: 13676554
etag: "15d0dcd9c02c0d18591f52c9072edae7"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e61961a-MIA
content-length: 10782
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 adv.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 85ms
77ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/adv.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd66527417013764301e965365cfd5beb84e589db57c69c99c63cbcdf4f1037f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 9407709
etag: "46240fd1384fbe925a2dd428e48ff862"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e62961a-MIA
content-length: 10070
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jdb.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 9 KB
9 KB 50ms
43ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/jdb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ccf2651610cac27c7c2dda1a8d4c31107f3d0128aae37a0a7f74efb42495a4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 15:04:25 GMT
server: cloudflare
age: 2713997
etag: "2995347944832651996124e939eec00f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e63961a-MIA
content-length: 9448
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jok.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 52ms
44ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/jok.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b0ed5caa1dac6bc1c994e462f6b88d40b320fca07c349766634219da3858d44

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 2713996
etag: "72985966dbcba9d7239f288ada0ab1b6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e64961a-MIA
content-length: 9872
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 rtr.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 11 KB
11 KB 53ms
45ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/rtr.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e0597e30efae210e80019483b8f08e48c571005591566dffd3b2908ef94281

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 10:58:18 GMT
server: cloudflare
age: 2017459
etag: "0d3afd5a2fe617f18d63b896d17f5dd3"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e65961a-MIA
content-length: 11440
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hbn.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 78ms
70ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/hbn.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602502c8732a4ad6eb4879726da9287f556733e3a0b0a6d3b2ef8b114811b263

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 2713996
etag: "377b7c2d4c02dcdeacdb8c4372094b0d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e68961a-MIA
content-length: 9752
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 afg.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
11 KB 77ms
70ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/afg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f97fd35fbfa44f7ca4e4ddfb823b74283a3475ba6ad7402b04a1590644b47744

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 2713997
etag: "afa985cc1883b60bf73f5fa43a6af694"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e6a961a-MIA
content-length: 10738
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cq9.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 76ms
69ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/cq9.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce97fe11b02e5dfa17303535879e288e4463c87d34e80bdc3b15dfa516cdbcaa

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 05:11:29 GMT
server: cloudflare
age: 2017457
etag: "a991d0700dda9c18df436de347cb257c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e6b961a-MIA
content-length: 10616
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 vrt.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 13 KB
13 KB 83ms
76ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/vrt.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f4d14ca277bb2d64aef1d7124cc68a10371989053e9eb74d012b5ba22cee26

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 2713996
etag: "b875b7a93ae5475d2693a93c3421deb0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e6c961a-MIA
content-length: 13038
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ttg.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 8 KB
8 KB 84ms
77ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/ttg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f8c8d65e7dcc7ca6bc1b3a7915051d48a606303d9bde76b2ca766a066997d8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:07 GMT
server: cloudflare
age: 7539483
etag: "da206add4f0cb1f35724dc4d738b067d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e6d961a-MIA
content-length: 8166
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fac.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 7 KB
7 KB 84ms
77ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/fac.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12078b3ccbf25b191d2635e89c1fce9ddca7e59db81a4dc3c73e32661e5e4556

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 05:40:50 GMT
server: cloudflare
age: 2713997
etag: "f3e54df244c4016b5618f430949dd1f2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d522e6e961a-MIA
content-length: 7018
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pla.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 10 KB
10 KB 85ms
78ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/pla.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3386d44d96b0f1e322726b3d8ce95a87504c58c1a1802b24aa3be96ebf7f092

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 2017458
etag: "d01843c31b99d3124b4732892abc1596"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8a961a-MIA
content-length: 9908
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hyd.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 9 KB
9 KB 86ms
79ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/hyd.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66b4b0414012e1377d8cd0b31ae87072da545e8e4aa9db1ba64c42553dea4ce1

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:08 GMT
server: cloudflare
age: 13710734
etag: "fe9d4517d9b346f3e358173cd2542f19"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8b961a-MIA
content-length: 9128
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hot_category.png
images.linkcdn.cloud/global/nav-addons/ 742 B
943 B 112ms
105ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/nav-addons/hot_category.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a680d35919f0f62b69b363915d4170d2488f04b498a3896a4a4ec46580f977

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3110157
cf-polished: origFmt=png, origSize=1036
content-disposition: inline; filename="hot_category.webp"
content-length: 742
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 09:08:50 GMT
server: cloudflare
etag: "2414c9a1aed1163a8db96e76ba8bda58"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8c961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 livegames.svg
grandwin189ss.vip/assets/img/navigation/ 22 KB
7 KB 372ms
371ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/livegames.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 70623a3dc1fe3ed080b5bb4b1da4929e0d70e100638e1d15152e5b90100d86a2

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 21:02:46 GMT
server: LiteSpeed
etag: "571d-6679def6-3013cd;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6871
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 lvg.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 3 KB
3 KB 86ms
79ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/lvg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d64c865b072963791c15c8d2f4548436f21c7962685f3a5a515136a227bcbf

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2023 09:57:18 GMT
server: cloudflare
age: 2713996
etag: "4d874118876c5f6715ba915ce8034c09"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8d961a-MIA
content-length: 2832
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 sv3.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 10 KB
10 KB 87ms
80ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/sv3.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3dea08aa20f9e41f3baaf251309e5f1aae906e8db3b17edfcb0b9a1620e8e4f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:10 GMT
server: cloudflare
age: 11841443
etag: "6553207a01fd243ab88a8647ff326ddd"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8e961a-MIA
content-length: 10072
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ws1.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 4 KB
4 KB 117ms
110ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/ws1.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13647fc7871f728aaed58c72feb1e23ccfb6be8b86cc780401ebaff323bbfd51

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 07:37:40 GMT
server: cloudflare
age: 2713996
etag: "561df40fb41298420682faea9156dd76"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e8f961a-MIA
content-length: 4136
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ga2.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 11 KB
11 KB 87ms
80ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/ga2.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64dd7fb4cbb52916f608a36344a6be8490c3d8ec7eb10ed20ec2551ce5b94880

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 07:23:58 GMT
server: cloudflare
age: 2713996
etag: "9f72b651bed0114e5606ea2d69ed8a98"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e90961a-MIA
content-length: 11488
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 mki.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 9 KB
9 KB 87ms
81ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/mki.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f14d371061bcd0e573cb6c8a8c5dd0f9e4eef00acb6ac6377f0d96cd10b314d1

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 31 May 2023 11:25:51 GMT
server: cloudflare
age: 13710734
etag: "e102b603009007ef98e83044431dc56e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e91961a-MIA
content-length: 9088
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 casino.svg
grandwin189ss.vip/assets/img/navigation/ 36 KB
10 KB 407ms
406ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/casino.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 9c9040bf2c6b62cc1366ba767fd14ea43e971b3f669c3a12150e214bf43adbf6

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:24 GMT
server: LiteSpeed
etag: "91f8-6679dd3c-3013b7;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10175
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 plc.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 10 KB
10 KB 88ms
81ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/plc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480698c7b768d6dbb022f9e672d498519483bac29915d04472424a95454304dc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:10 GMT
server: cloudflare
age: 13715636
etag: "40da86da7a098dfbdf1dde000bb1b364"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e92961a-MIA
content-length: 10052
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 afc.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 10 KB
10 KB 88ms
82ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/afc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490e26e9b8102a5ede334caf2db1af7221fc5df651aaee24624356acc4b6d89f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 23 May 2022 06:19:57 GMT
server: cloudflare
age: 2713996
etag: "92965ea516fc9864c82acf9496a1f38c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e93961a-MIA
content-length: 10216
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 wec.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 11 KB
11 KB 114ms
107ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/wec.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf311784b36d28cb713e242688e183f67a50009e78053c5c9750cf63ba1b5a3d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 05:03:10 GMT
server: cloudflare
age: 9407711
etag: "51eadee4beb743d66e0faad294436f68"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e94961a-MIA
content-length: 10910
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 wmc.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 10 KB
10 KB 88ms
82ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/wmc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac1e88c61557472e190643d7ca8f4bd781c852ff1af9811af7a426ed96d0bbc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 13706945
etag: "29bdbfdaf8b0d90272af4990540c0f55"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e95961a-MIA
content-length: 10316
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ogs.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 10 KB
10 KB 88ms
82ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/ogs.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50e16b680d2a99552d25a877ba8e97d2ca95919012fce0b3c24fda1c48ea086

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 2713996
etag: "19389f1e5b001eb65543036ae71daf82"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e96961a-MIA
content-length: 10500
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pca.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 8 KB
8 KB 113ms
107ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/pca.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecbb648adb42d576665dde9b420e4c582ddb81ee6bab5b4eac56e27ae464fd4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 04:47:47 GMT
server: cloudflare
age: 2713996
etag: "70761890d7a4cb2112ea11e927b3364b"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e98961a-MIA
content-length: 7812
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 gd8.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 11 KB
11 KB 116ms
110ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/gd8.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6466d3eb2ff093b21aa5e0975d06ced104fe03d3ee9693b75a693228c1be1fd

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:10 GMT
server: cloudflare
age: 13715636
etag: "ef9f499ce61b68d812d4f1340bef070d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e99961a-MIA
content-length: 11212
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 alb.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 8 KB
8 KB 89ms
83ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/alb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e06b7be027a704a05b79538a85a2250df7f0047bfe3644107d75c2de49151c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 2017458
etag: "28072ca927ae2f76166d9d949e4a04f1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e9a961a-MIA
content-length: 8138
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 drg.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 9 KB
9 KB 89ms
83ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/drg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6cd0a20aa0beee8a3a8766e089221f7bcd2bae378a8db7ef93411347801b8e3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:10 GMT
server: cloudflare
age: 13721026
etag: "e88acafbf1e1ee783da0b1ede177e672"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e9c961a-MIA
content-length: 9432
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 agc.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 8 KB
9 KB 118ms
112ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/agc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39de4ee00869cadcfcc596597d49c1b0ab741981735d9c3d90821f4e80d9ae70

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:09 GMT
server: cloudflare
age: 9794940
etag: "812bf771663029e655c825ef75aac063"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525e9e961a-MIA
content-length: 8668
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 seg.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 5 KB
5 KB 89ms
83ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/seg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f8a18f06ac8724ea14d28f14e7023518cdfc8581f6ce47ba8e4e353256ebd8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 08:47:43 GMT
server: cloudflare
age: 2117574
etag: "40c2f95fd5f43fffacee436751fb0ab4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea0961a-MIA
content-length: 4928
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 lg8.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 10 KB
10 KB 110ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/lg8.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c937d55104be14583d63595551915e3505e4c7a4e062ea1a9a59acc698d28ab

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:10 GMT
server: cloudflare
age: 9183001
etag: "62571e4818f463e59c647bc2f58f5f04"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea1961a-MIA
content-length: 10030
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 evo.webp
images.linkcdn.cloud/global/game-skin1/navbar/casino/ 9 KB
9 KB 90ms
85ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/casino/evo.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923b285caa0f09e0a12ec1b9af36a1aca2266a8f3b8a981dd41d437e91f0fd9e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 06:20:00 GMT
server: cloudflare
age: 2117573
etag: "9c81ebb14a899d0238108f66f1579737"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea3961a-MIA
content-length: 8706
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 sport.svg
grandwin189ss.vip/assets/img/navigation/ 39 KB
10 KB 407ms
406ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/sport.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: faee04b44264c3341536ca8637e779391238a8974b46fd13a44c9abf2be0745b

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:32 GMT
server: LiteSpeed
etag: "9d3f-6679dd44-3013d4;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9982
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 afb88.webp
images.linkcdn.cloud/global/game-skin1/navbar/sportbook/ 13 KB
14 KB 103ms
97ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/sportbook/afb88.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2372a2231c83bab6f163a3a2e07bde6d2d02c2a611a4621960b7f6519a46b657

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 16:19:42 GMT
server: cloudflare
age: 2724827
etag: "1b3482796279742e90a029fa23cee316"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea5961a-MIA
content-length: 13736
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 iae.webp
images.linkcdn.cloud/global/game-skin1/navbar/sportbook/ 10 KB
10 KB 105ms
99ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/sportbook/iae.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55acbe1cf612660777de102013319f710e0b6821e8e699ff3dd7333125414ae

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Sun, 26 Jun 2022 09:54:48 GMT
server: cloudflare
age: 2723792
etag: "a9a6d3d44c52ab011d88dfbe134770de"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea7961a-MIA
content-length: 10538
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cmd368.webp
images.linkcdn.cloud/global/game-skin1/navbar/sportbook/ 7 KB
7 KB 110ms
105ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/sportbook/cmd368.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df67c702517552510526094f61626848282615dda2b0fa12ee2118ecba12998

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 16:19:41 GMT
server: cloudflare
age: 13716845
etag: "f0fb4d643d1e84937a8ed5bb82cf82cb"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea8961a-MIA
content-length: 7410
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 sbobet.webp
images.linkcdn.cloud/global/game-skin1/navbar/sportbook/ 8 KB
8 KB 105ms
99ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/sportbook/sbobet.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ac63e86bef9c01268dc0c0be3ed1538cac41cb8cd94935b0a1aacb7c9fa1da

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 16:19:42 GMT
server: cloudflare
age: 2713996
etag: "a3656d1f17ef7d888ed124895083338f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ea9961a-MIA
content-length: 8222
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 m88.webp
images.linkcdn.cloud/global/game-skin1/navbar/sportbook/ 10 KB
10 KB 124ms
119ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/sportbook/m88.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1c7341974c11eaa3be169869f9e2fae9467be1f629b9e6af14778b60ca21028

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 11:59:04 GMT
server: cloudflare
age: 2017459
etag: "89074b7dab86bf844e10c49424448286"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eaa961a-MIA
content-length: 10038
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 lottery.svg
grandwin189ss.vip/assets/img/navigation/ 12 KB
3 KB 407ms
406ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/lottery.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 2f4e8a937802ba30ad17b56f3eeae94c093cafa3905e7f80549121d8a842d7d5

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:30 GMT
server: LiteSpeed
etag: "2e0a-6679dd42-3013ca;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2819
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 tog.webp
images.linkcdn.cloud/global/game-skin1/navbar/lottery/ 6 KB
7 KB 109ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/lottery/tog.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d5991c7497473ea91cfe27dfaa054534c69e64905c12e888d028183aae99bc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Jun 2023 07:49:44 GMT
server: cloudflare
age: 2017459
etag: "b26f2d05dc66441d172f481f6f87d14b"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eab961a-MIA
content-length: 6580
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 poker.svg
grandwin189ss.vip/assets/img/navigation/ 33 KB
9 KB 407ms
406ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/poker.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: b6175ddc30db417ad2a5b16cefcd92467ca9ca4d19757e360981b4373af70d7f

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:32 GMT
server: LiteSpeed
etag: "8283-6679dd44-3013bc;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9329
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 we1.webp
images.linkcdn.cloud/global/game-skin1/navbar/poker/ 8 KB
8 KB 109ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/poker/we1.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1af413d1f2566f7d20914a80c5a837af218cfe62731ab9a677e3877cec92cd

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:07 GMT
server: cloudflare
age: 10583555
etag: "af900ab337bbb0110c2eded8b4a553d5"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eac961a-MIA
content-length: 7842
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 arcade.svg
grandwin189ss.vip/assets/img/navigation/ 4 KB
1 KB 407ms
405ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/arcade.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 93130714a3c7e498382a893dde3f5a94efbb9e6100ee33322c7b0dfe76ec771b

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:24 GMT
server: LiteSpeed
etag: "103a-6679dd3c-3013bb;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1270
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 spr.webp
images.linkcdn.cloud/global/game-skin1/navbar/slot/ 3 KB
3 KB 122ms
117ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/slot/spr.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5bcd5728ba56790980ede52b45072d10f98de7fc6cbd7ae1d03906f858303ad

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 05:26:18 GMT
server: cloudflare
age: 13706945
etag: "92dc8b3b306435c14f434e4fcf360a5b"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eae961a-MIA
content-length: 3358
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jdb.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 9 KB
9 KB 114ms
109ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/jdb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad858a379977cbe2994ccb47bf5cb3899691ee775435e89b6f1a7555b304382b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 15:31:34 GMT
server: cloudflare
age: 13715636
etag: "918914c7a96ee4b0a106b8c865f7813c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eaf961a-MIA
content-length: 9330
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jok.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 9 KB
9 KB 111ms
107ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/jok.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1ef95939d17dd212093792c87398f37c37cf30e83f2c1e45062cc6e82af348

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:07 GMT
server: cloudflare
age: 13715636
etag: "d562cc957a5a8265ee91cdb8bc8d9dcd"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb0961a-MIA
content-length: 9330
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spa.webp
images.linkcdn.cloud/global/game-skin1/navbar/other/ 8 KB
8 KB 124ms
119ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/other/spa.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b479e0cf236b2a5d3404526b672b441dd76f59a65ebe5fba4904e8130bbe6d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Apr 2023 11:12:24 GMT
server: cloudflare
age: 996361
etag: "748457434e87ad2c5bd4c986d2f81e7a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb1961a-MIA
content-length: 7704
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spd.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 12 KB
12 KB 126ms
121ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/spd.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ac45a9b34c24e7757cc8d0d09620fe35dd34287c135248119baf3b29d32c78

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:07 GMT
server: cloudflare
age: 2747412
etag: "f2d8ba496283e070523e438a3e6037ad"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb2961a-MIA
content-length: 12026
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pls.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 8 KB
8 KB 108ms
103ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/pls.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f69f4a4182edee4f71d231e837935360c7cc24541a2e8d4987cf89290b9ddc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 11:31:05 GMT
server: cloudflare
age: 13715497
etag: "ae094328abc90281067fa89aab2d2dea"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb3961a-MIA
content-length: 8512
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cq9.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 10 KB
10 KB 118ms
114ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/cq9.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3722a6635d2efd7be6b68c38ab1e5f2b1a95ee98dbb66858c015b9a55b893f9e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:07 GMT
server: cloudflare
age: 2713996
etag: "5170cb7257d07a0bed6aae9215cef222"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb5961a-MIA
content-length: 9854
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jli.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 5 KB
5 KB 112ms
108ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/jli.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a94e745d0611fcd224035b5b54a58c017de34677d3362ea364e365c9bd45d8e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 03:29:49 GMT
server: cloudflare
age: 13719919
etag: "b984a5ac34788c64bf41a61e845d7016"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb7961a-MIA
content-length: 4628
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fac.webp
images.linkcdn.cloud/global/game-skin1/navbar/fishing/ 5 KB
5 KB 110ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/navbar/fishing/fac.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976ec43c7a26910ec33842d4cc44a2b2de741737ed0bc53c0911983ad8d4c11a

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 05:00:24 GMT
server: cloudflare
age: 13710734
etag: "85b6e0f2fbcf9ced108c2798bffdc177"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb8961a-MIA
content-length: 4610
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 news.svg
grandwin189ss.vip/assets/img/navigation/ 22 KB
6 KB 406ms
404ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/news.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 2c430522ff8b34a86d2a21e5210c31ae65c50da7c1f6f0c72584fe066d619577

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:30 GMT
server: LiteSpeed
etag: "5997-6679dd42-3013d0;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5755
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 promotion.svg
grandwin189ss.vip/assets/img/navigation/ 44 KB
12 KB 410ms
406ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/promotion.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 4c26de07b29b8110e68993e0eb5c45632fc8c41445910c5e76fd583724972835

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:32 GMT
server: LiteSpeed
etag: "aefe-6679dd44-3013c3;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12491
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 event.svg
grandwin189ss.vip/assets/img/navigation/ 184 KB
47 KB 412ms
407ms Image
image/svg+xml 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/navigation/event.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 062267448e378fb056aeb9e8fb8199cedb093cf9ffc1c4ef8da9c725e0b96bad

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Mon, 24 Jun 2024 20:55:28 GMT
server: LiteSpeed
etag: "2e0d3-6679dd40-3013b5;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 47597
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H2 200 indonesia.png
images.linkcdn.cloud/global/default/icon/lang/ 154 B
324 B 114ms
109ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/default/icon/lang/indonesia.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f9f3cef4264a3d2a8c58e68462a667472a6e4701c3700163542d096af5c5b7

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3189805
cf-polished: origFmt=png, origSize=2884
content-disposition: inline; filename="indonesia.webp"
content-length: 154
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Jan 2022 14:39:47 GMT
server: cloudflare
etag: "c8d72954db81d0bd3cba74b579f5d77c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eb9961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 1.jpg
grandwin189ss.vip/uploads/fotobanner/ 88 KB
89 KB 412ms
407ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/1.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 66fe63165b7775b6159a4118722a0a2802219312d74ee7f07238caabde26fa66

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:01:56 GMT
server: LiteSpeed
etag: "161fd-66ae9ac4-1c92;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 90621
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 2.jpg
grandwin189ss.vip/uploads/fotobanner/ 90 KB
90 KB 413ms
407ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/2.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: b4ea8bfa7b3455e61a574a4f6fcbebb87f18fb167157cab6f4b52fda8451d780

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:02 GMT
server: LiteSpeed
etag: "16662-66ae9aca-1c93;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 91746
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 3.jpg
grandwin189ss.vip/uploads/fotobanner/ 95 KB
95 KB 415ms
409ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/3.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 20c33c7280b825a9b5b580c7fe43e2f7ab3368e62edfc46341363d4bc63194be

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:08 GMT
server: LiteSpeed
etag: "17b98-66ae9ad0-1c94;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 97176
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 4.jpg
grandwin189ss.vip/uploads/fotobanner/ 101 KB
101 KB 416ms
409ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/4.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 1511ad90cbb14cdbe980681722971c9f6abd38cf73d9979957acd43b8f5f638d

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:16 GMT
server: LiteSpeed
etag: "192eb-66ae9ad8-1c95;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 103147
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 5.jpg
grandwin189ss.vip/uploads/fotobanner/ 94 KB
94 KB 416ms
409ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/5.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 728f415b66dccfc201cbb991096768ecfe35fffa6c782582103d5dd8b00019fc

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:24 GMT
server: LiteSpeed
etag: "17887-66ae9ae0-1c96;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 96391
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 6.jpg
grandwin189ss.vip/uploads/fotobanner/ 103 KB
104 KB 419ms
412ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/6.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 3a4cc90d682d513fc9ff399800e9863716f1e0a857519e066073edc9d393db20

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:31 GMT
server: LiteSpeed
etag: "19dbf-66ae9ae7-1c97;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 105919
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 7.jpg
grandwin189ss.vip/uploads/fotobanner/ 82 KB
82 KB 420ms
413ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/7.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 263c35df46ef8d220ccc7247cdaba68bfce04f9a33f36bcc242bd2926b22dbbd

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:40 GMT
server: LiteSpeed
etag: "14930-66ae9af0-1c98;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 84272
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 8.jpg
grandwin189ss.vip/uploads/fotobanner/ 84 KB
84 KB 425ms
417ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/8.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 258558c0a4964c4bc9e36c3541a950651c7787904fac6176ac3e671b6aaf2c51

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:49 GMT
server: LiteSpeed
etag: "15075-66ae9af9-1c99;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 86133
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 9.jpg
grandwin189ss.vip/uploads/fotobanner/ 102 KB
102 KB 425ms
417ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/9.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 57271e358c60ce2987e5a72a0193ad45a3af953aa0b9387e7fe3241b948fcf65

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:02:54 GMT
server: LiteSpeed
etag: "19640-66ae9afe-1c9a;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 104000
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 10.jpg
grandwin189ss.vip/uploads/fotobanner/ 97 KB
97 KB 428ms
420ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/10.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 89226cea0bf28282ee807a780fbfc7c82a9584de1dd32fd7d2136e1e0b024129

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:03:02 GMT
server: LiteSpeed
etag: "1854e-66ae9b06-1c9b;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 99662
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 11.jpg
grandwin189ss.vip/uploads/fotobanner/ 92 KB
93 KB 428ms
420ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/11.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 1122b9a86580fef04de80a5f6ada631aa87c6a28290656249b4fb8a4a7aeb3f9

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:03:08 GMT
server: LiteSpeed
etag: "17190-66ae9b0c-1c9c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 94608
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 12.jpg
grandwin189ss.vip/uploads/fotobanner/ 101 KB
101 KB 429ms
421ms Image
image/jpeg 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/uploads/fotobanner/12.jpg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 4f91c351a8a9d7a3b5d793d98e30abc1e7c6c3bd44b1cfb275e033aa9b2032e2

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Sat, 03 Aug 2024 21:03:15 GMT
server: LiteSpeed
etag: "19250-66ae9b13-1c9d;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 102992
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET popular.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 200 vs20olympgate.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 130 KB
130 KB 415ms
220ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20olympgate.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7729b60630a85fe7db815573a8b13ce9fc492e3535e939f2cf5520c8f5bfacc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 323
x-amz-server-side-encryption: AES256
etag: "add07d756b735a569522adf9029376b3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 132896
x-amz-cf-id: 4EAljPuATXZEBpUqRBNhpV1vT0Md0mfLztCFt2onrPlCrEyWVP5l0A==

GET
H2 200 vs20olympx.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 162 KB
163 KB 273ms
78ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20olympx.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09011ccb854e721c42a976c72353e9197a3f5c03f75a4ded5c403dd3da0db5bb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 323
x-amz-server-side-encryption: AES256
etag: "9846315baf0dc564c6006c9ff5e464ab"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 166108
x-amz-cf-id: FomITzys8hhUeIwoDcBh9zU31YXeQoEzr1lXaOu9aGzlTzy2Aogm3g==

GET
H2 200 vs20sugarrush.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 152 KB
153 KB 594ms
399ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20sugarrush.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2623133622f804d73391532c8741808c49b3e97425eb675d662ba31a3260864

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "c0f936ed69c64238d222eda5a2dd3614"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 155980
x-amz-cf-id: 9IEKwOwtS6QE6G72MTGw08aXyQIQgOnpOfVWU4kRzredq469WilUbg==

GET
H2 200 vswayslions.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 171 KB
172 KB 380ms
360ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswayslions.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69319b865e54827cf6d71d2c30cf3465056311bc9ddf9637ac5dd7db0d883ed8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "de0e49962d546ef6dd2b3a46eb40839f"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 175315
x-amz-cf-id: bl3Jk_soUBwTcraMAGfwcQ6Q4TH-ZeZd6Clx3RNShfMQbZfuPHk69w==

GET
H2 200 vs20gatotx.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 175 KB
175 KB 421ms
408ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20gatotx.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 409dc44bd16130430d25ad5cd2af52600c2461e2225573b8d78e87c8c3280e47

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "be93e3eee0461c61204e112eabeb7159"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 179011
x-amz-cf-id: UERvcitgwWucynQQqygOLJ8ZeP1Ou4aerbJwc7UkQl5RxOKRtHBXCA==

GET
H2 200 vs20fruitsw.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 139 KB
140 KB 405ms
392ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20fruitsw.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fa9f9fe1caa690f332655136280d9aa687c10f2e81d06b9fc72ee5799c9fcbb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "7a8baf2a9136d004dc27636462425740"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 142564
x-amz-cf-id: rIujYm2OpuqLG1MFjroUZ4R6DIaIpgy4-fNOPJyB4w6XN3M_xkiRlg==

GET
H2 200 vswaysdogs.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 144 KB
145 KB 385ms
381ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswaysdogs.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebb170e5bcbb28e354146bc337b97b60de5fad6a43b9bdd7479c8cae31a9fa3a

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "bafaacbfed57e89423c1af16e3a72e88"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 147958
x-amz-cf-id: l29E9L2hw15zRRYt8EotEwwiphWogRTEuNjT4ncpKT8BlYMYAEm4lg==

GET
H2 200 vs20starlight.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 143 KB
144 KB 372ms
368ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20starlight.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95d21f583d318534c4664ff2ce428a0e88fc71f20db861abb5703217adaadda4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "6d3cacb033dffaa34e12949f2e955aaf"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 146625
x-amz-cf-id: CrcMUWJ8lsUJipkgZ5YHZS_CVwWeBHxqzIZsVhgBohja5u3KbRhIwg==

GET
H2 200 vs20starlightx.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 169 KB
169 KB 263ms
259ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20starlightx.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6361deec410014f61d4eb4303f7e695085a25f8109111746aafd5560f5ba0b4e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 317
x-amz-server-side-encryption: AES256
etag: "756ebe26a91a098a4dd8d26eb2f4ea39"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 172836
x-amz-cf-id: dB2n3u8beyPIH7PRuFXFst4PvytyZCryuv18HEj8KeScWvPGaOXZ1w==

GET
H2 200 vs20ninjapower.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 160 KB
160 KB 433ms
428ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20ninjapower.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb2fbf011a65f2b4d36cb99125da3fca8f55abb506312e1173f68c49823e1aa4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "314506f5735b8a80a99eef215da49c89"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 163628
x-amz-cf-id: eFfKH9Dk76UK2GzmYIqY6zZYN9hUVDdOLzboTwbwr9NyZyLc-CLJwg==

GET
H2 200 vs20olympdice.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 139 KB
140 KB 530ms
526ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20olympdice.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5326f4353a5b67cc76a52a1af49c9e52fb7d14cb4c29aeb9ea265b197f48f8f3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "164b20db2bde01e269e9e886e89eb9bb"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 142752
x-amz-cf-id: Ipfi9YzlaG3cEgQiwASf_ZMreL84pEKlDZPSkC74a9kIPJlH7cLIZg==

GET
H2 200 vs20sbxmas.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 123 KB
123 KB 432ms
428ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20sbxmas.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4729fa35b03a50aef2c4b8d1df5df9df7a843c4ee6e6d16aa473a08e9563306

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "6e89c9167cd07d26f0dadf754837f42b"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 125445
x-amz-cf-id: PjrNIEeEw1hB8mVJy9droheo8FrupEVKT4w8HgjeuqAYr3sfPDaEsw==

GET
H2 200 vs20sugrux.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 140 KB
140 KB 431ms
427ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20sugrux.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b5ff4f7d310f76293b084338a89e7ffe17670a12860300b64ca9e014a39b306

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "9992af7a0945ac647c41476832bf027d"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 142997
x-amz-cf-id: VCYKMqclfR0o98Y2zpI0bvofK8QhOcDi5nTujX-eBXKNe8AVrf9R7w==

GET
H2 200 vswaysrabbits.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 151 KB
152 KB 425ms
421ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswaysrabbits.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e2d096f241b155cf6fbcf86fea31747be90871851ad281af8eaef09a9d000ce

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "ba5fab24d23344f5132d5d8baffba430"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 154569
x-amz-cf-id: Iq69ZlHMRckRpMp01UcOcWxw11kvrQjlob-TkDvPgcEfeE-V-cX6DQ==

GET
H2 200 vs15samurai4.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 142 KB
143 KB 323ms
319ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs15samurai4.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a4f3714d52c2a68c1c9b0fcd216a56432ac30e3cb5b0e39777d075e4dcf4f49

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "62181262b849b42bf2d54d5fd9a056d6"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 145631
x-amz-cf-id: JvLcV5WEQSHO--BIgHCcHHiOPmTYtnq-2k-yf9jnYeM3Z5KpMhJZmA==

GET
H2 200 vs20clustext.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 160 KB
160 KB 430ms
427ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20clustext.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9da7c0c8ebdfd2230e25d1fc14d9e5814d4cc9457666e86b9abd581e15a18f6d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "2f0489727463d85c7bedb050adcd0118"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 163406
x-amz-cf-id: xLsVu_xdWfyn7x9tKHkQ1_Q2XswvEwFcd6CSY4zKpYkCV0qbhLWxpQ==

GET
H2 200 vs20gatotgates.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 178 KB
178 KB 522ms
519ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20gatotgates.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf6d975b72859fce895140f11d8b854a256a82370dd9fce02b074b3b6dbbf75e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "7959a5866c9be6d868c6ad01aec2c5b8"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 181841
x-amz-cf-id: tYlVM7pXtF9VhgmyVeBzaMvrxZ-in8kgZ0soS3xx0JNc_WwMzxOB8w==

GET
H2 200 vs15godsofwar.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 150 KB
150 KB 296ms
293ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs15godsofwar.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 211aa4d1467e9b3e99fe533cd80954a0653e0bb05976d73fff01697cf87324e5

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 323
x-amz-server-side-encryption: AES256
etag: "f4abe85da2171dc482e7e07a702a3721"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 153269
x-amz-cf-id: BOfWMWcq0y5DaeLUhX6Oxxm9f7htlI55lIDi1l54L_hKM4SQ_5Uqcw==

GET
H2 200 vswayspowzeus.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 175 KB
176 KB 529ms
526ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswayspowzeus.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87a7d2a278c30a56bdce22deb28b4bd379887f0920f121c207867a7a5e71d58d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "4b735669e6a9b3a281df11bfb029973a"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 179388
x-amz-cf-id: _6VXSvp2HCuHFkkHHeQPwzpXLOKXGMtpwYD5hJaGfD1xkarrkEEc8g==

GET
H2 200 vs40wildwest.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 153 KB
153 KB 659ms
656ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs40wildwest.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e51d05e46509ee9766ab642242af6fac72524d5b9b3aaa41603ecd37039c34

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "33efb59f1c4bebdffd2934986f07693c"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 156567
x-amz-cf-id: IIV5HEioKK88TowY4z8qmWwrjvoVvc0KmsSNKGQvBK8bsJT40HrlWA==

GET
H2 200 vswaysbewaretd.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 167 KB
167 KB 431ms
428ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswaysbewaretd.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4ce0149e02818859e4d67c8d72969185663c06d37f3d823b8a36a3f3a32b8b8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "9f7a6495eb34ede6de16c6f2506a2bb9"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 170510
x-amz-cf-id: b79-wab2Dh1EsKpelD88kBs9BQkpYb66_kpb6JFOZ41X7i3SqfXNXw==

GET
H2 200 vs25pandagold.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 109 KB
110 KB 429ms
426ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs25pandagold.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 692bc8ec90079a39812d48bdb78f998b12148fbeef41326212c2f305a44c03f2

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "3914622b40301eb3e755b29b5b25ccea"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 111963
x-amz-cf-id: WOvZIVtRx0qNIMbtu3TdUKQmmb4M1ShqncO0eodG_cMcs5E3IWg4-A==

GET
H2 200 vs20tweethouse.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 171 KB
172 KB 428ms
425ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20tweethouse.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a425a6bb0ce62bbf1dff7b2633420076f93dbef719a9abafca6650aff52dd4b6

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "905f76a117835fdd9ae76b1091bce425"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 175286
x-amz-cf-id: d19hDGc1PhSH1a41aa2Y43pEWcwTP1__WqgZku8Rq9ahyBvf6fexRw==

GET
H2 200 vs20pbonanza.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 161 KB
161 KB 651ms
648ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20pbonanza.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bddb45ca1a6e41a3c5f60ac9593efce2af76790e73f993453c0e48aba0ea26c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "111bb9887df59cb7f7437b71c8a0306e"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 164579
x-amz-cf-id: Gi0zYiGkF3dJR7gzVyx124NXfhlxbZ8gY4Y9i6QZoCpwHyN8NAjzLg==

GET
H2 200 vswaysbufking.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 153 KB
154 KB 521ms
518ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswaysbufking.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a82eeaa3fb2d53e2790c9401fe9a63f173091caac608aaf847a5a88b36c6d8e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "f19adf211a62fa98db7247ba6096d36a"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 157027
x-amz-cf-id: asdnwi9KX7mEE4d140beB8n2LQFEz2_CYxG5Ja3kbN_Sr4nG-XQMqw==

GET
H2 200 vs20bonzgold.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 157 KB
158 KB 637ms
635ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20bonzgold.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67da6dda2e141164c191a754b5a58e358f7478c0ac0fbbe38ece80e23e45405b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "9abf82914156a79f5ecc11c6ee644768"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 160897
x-amz-cf-id: 3Inu35VRBUa7bhstHEgO76eo0i7eDa9zGU-dQ34o_RbiBpDEYjqb9A==

GET
H2 200 vs5aztecgems.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 137 KB
137 KB 551ms
548ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs5aztecgems.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92b7f4cb9efce299e53fa8d7ba09c48290a91ed47cafd25def307a13c4bf0e3e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 13:37:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "41a9102645dd1afb8cbb6d1be6d75e2e"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 140079
x-amz-cf-id: Ld5PEeeT14j73KXsLYLr5TPQpISBmDAi1cOxnqMzH7os5V_w6UBiDw==

GET
H2 200 vs20fruitparty.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 101 KB
102 KB 520ms
518ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20fruitparty.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4855fea2017b227faa386ff3a8cd3e85eaaac3d7320c375caeaa5757a7e243b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "0d81977972e268eb71e8ca38aad23293"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 103448
x-amz-cf-id: kOBVHN9f6zprypoCYyK-F1Mz1tZkabMy3CMX8q-TxoP7_BMBFYYziw==

GET
H2 200 vswayshammthor.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 170 KB
170 KB 662ms
660ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vswayshammthor.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91f328f280dac341fcc4094e8b1d3b628624cf68b2d26896f058874da85d0803

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "cce296036cdf385a5016499311533778"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 173676
x-amz-cf-id: QVYrXzJL0hI-mssu4Lt1edDZ6EssQRn7Bw4bTp-9YCUVZOMOvvZktg==

GET
H2 200 vs20stckwldsc.png
nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/ 168 KB
168 KB 665ms
663ms Image
image/png 18.238.80.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nh162r8lww.wudftnbdmd.net/gs2c/common/game_pic/rec/325/vs20stckwldsc.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-114.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b1e414e8f559bf08f7fa5a8ce5edee0bd8fb8fd06d1ef98c27c41ae0aeddf29

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
via: 1.1 7d7f6eb601e45c772b8fdc4924fedb26.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 06:23:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "b3b68f7c65a3fcd07e92dd9a2ab91dbb"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 171678
x-amz-cf-id: N2a_45JC6bJGWxb_reIrmwmbyN6JpPgLWpqh8yhjkbfG6_l9Y3JoFQ==

GET slot.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 200 aisg.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 77 KB
77 KB 105ms
100ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/aisg.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856d9a6980e6c0374351da22ca8e2384afbb824c1b39a2b9d8f6aa6536df1d5d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Apr 2024 09:34:35 GMT
server: cloudflare
age: 2023160
etag: "6cf7c213ef6cba848aff3b404fbd6fee"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525eba961a-MIA
content-length: 78708
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pra.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 73 KB
74 KB 107ms
103ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/pra.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67de06848bdd4c9dbff62b42e6b7a3450c4325b1bea77b4d5f888fb1d84e2b70

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:13 GMT
server: cloudflare
age: 5679351
etag: "0c844ad510d75a0065de3b123019a6bd"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ebb961a-MIA
content-length: 75188
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pgs.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 65 KB
66 KB 109ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/pgs.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17601f1b1378cadf9e4f7a5b80733a08b445eab126832ef3561cba635a931cac

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:12 GMT
server: cloudflare
age: 13712131
etag: "7c57bb758262c3a6935455bc05d26a32"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ebc961a-MIA
content-length: 66982
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spd.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 60 KB
60 KB 105ms
101ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/spd.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3147d36eee667354929c20b50b4868bab56d35152b9e3a0942dadb243321de18

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:11 GMT
server: cloudflare
age: 2741858
etag: "149403e4326dddf07b5759243a683c75"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ebd961a-MIA
content-length: 61632
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 nlc.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 60 KB
61 KB 108ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/nlc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 803d4c132f1d89a296a18787ddb284c83126ec0ac9f0639d2a71c104973d72e6

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 08:04:19 GMT
server: cloudflare
age: 9416532
etag: "6108fc24f26c5e79178944338eadf7fe"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ebe961a-MIA
content-length: 61820
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 mic.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 61 KB
61 KB 109ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/mic.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db62b02b9fe5ee90bbfc0d3ba0ccd109bc02944a6d9e9718eec10d36abece699

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:12 GMT
server: cloudflare
age: 2023165
etag: "3acaf31ac38afce13810209766a8e0e1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ebf961a-MIA
content-length: 62242
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pls.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 63 KB
63 KB 109ms
105ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/pls.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46d7dae9f7618ffd2342f6bbda67496af1b8a520d74ae40b55e1e83e79d3064

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 11:27:28 GMT
server: cloudflare
age: 10580539
etag: "a4a0207f3efb21da2f218b1a9d7b0629"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec0961a-MIA
content-length: 64448
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jli.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 58 KB
58 KB 108ms
104ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/jli.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d01e94e99ec79c91cf51e775cb5087a10d2aacacc7ed597ddafb4c30a00761

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 03:15:17 GMT
server: cloudflare
age: 9416532
etag: "34acb3afbf0b664349df9a2bba9148bd"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec1961a-MIA
content-length: 58996
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 adv.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 64 KB
64 KB 109ms
105ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/adv.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f890f8b23b53566520a7b86d07cce96c5f5abb5d79c4d8a4130be61cb5cb9767

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:12 GMT
server: cloudflare
age: 2023161
etag: "aa527b577bf236301d98f919ea9361b7"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec2961a-MIA
content-length: 65774
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jdb.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 68 KB
68 KB 109ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/jdb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18235ac53f747e7faa83476a79aa4e5da5826897fa288c4bbd6ea711f7777df3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 15:02:09 GMT
server: cloudflare
age: 13712131
etag: "ab8f42014b001ebe174380a385699f93"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec4961a-MIA
content-length: 69684
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jok.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 70 KB
70 KB 110ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/jok.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd7a0ade87ca4ba308f52f775d8db1cbb22c5a9f671a96ad86dbeb6258dd95e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:11 GMT
server: cloudflare
age: 13712131
etag: "ff7ec7bbdc6634a131a6bd7b8fc338f4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec5961a-MIA
content-length: 71194
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hbn.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 64 KB
64 KB 107ms
103ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/hbn.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29fe498101f2534f2c49044a3c7faaecba2e213d4e148b2246617e1a6141c09

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:12 GMT
server: cloudflare
age: 10580538
etag: "f5ede05d552102dc38a4c778645cf9bb"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec6961a-MIA
content-length: 65386
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cq9.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 73 KB
73 KB 112ms
109ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/cq9.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3bfe9de0a5fb603c05637081b984edb1c54998ab999404b939ac047455e0e53

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 04:03:56 GMT
server: cloudflare
age: 2799393
etag: "512a06fea08bccb74988ba9d2ef6311b"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec7961a-MIA
content-length: 75060
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 png.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 55 KB
55 KB 113ms
110ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/png.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f872571e04dba010d513681304a0b33c333ec7b84d510a90572dbc02eb609e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:11 GMT
server: cloudflare
age: 13712130
etag: "936a98d438f627b7c3dc0421dfd1469a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec8961a-MIA
content-length: 55996
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hyd.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 66 KB
66 KB 109ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/hyd.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9ed54f3d93502a7e5dbe97feb270ea2b62a56ec4cb522a929e014e67fd9ecb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:12 GMT
server: cloudflare
age: 13721129
etag: "8d18857c722b139827333a1bda9a661d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ec9961a-MIA
content-length: 67576
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET sport.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 200 afb.webp
images.linkcdn.cloud/global/game-skin1/banner/sportbook/ 64 KB
64 KB 109ms
108ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/sportbook/afb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1b39e974a4e016481b9420e0422ec53e8a39ba3941d2ce590e5edbd7fbe0ca

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:14 GMT
server: cloudflare
age: 2017459
etag: "5076701ed4985109de1f05eb9a1d88c7"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ecb961a-MIA
content-length: 65638
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 sbo.webp
images.linkcdn.cloud/global/game-skin1/banner/sportbook/ 68 KB
68 KB 112ms
110ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/sportbook/sbo.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ab3c4fe6345190964e4ca5db480f634204d9a3054c67044535fafaed3ea479

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:14 GMT
server: cloudflare
age: 9794940
etag: "741425bec239082dfc94d1cf26536dee"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ecc961a-MIA
content-length: 69700
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 m88.webp
images.linkcdn.cloud/global/game-skin1/banner/sportbook/ 115 KB
116 KB 111ms
109ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/sportbook/m88.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d993c3ad58de7e2d63e957daa786f149050cf22ec22f5a84c1ad2ee9f17706

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 11:59:35 GMT
server: cloudflare
age: 10561475
etag: "6fb6ab140e5db59a911fa95c02a641d4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ecd961a-MIA
content-length: 117956
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET casino.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 200 plc.webp
images.linkcdn.cloud/global/game-skin1/banner/casino/ 13 KB
13 KB 97ms
95ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/casino/plc.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5950a3127d0b893373ba927ba605b91b8d7341a3c011cff48c7f6b3329eabc5

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:13 GMT
server: cloudflare
age: 10580798
etag: "27a35000e89a7dcdb9a8b74ad08a368c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ece961a-MIA
content-length: 13274
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 lg8.webp
images.linkcdn.cloud/global/game-skin1/banner/casino/ 12 KB
12 KB 97ms
95ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/casino/lg8.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573f70fbe63df1a3f48f70489ad0cd55f287c5fa8997aa869634bf406e90c331

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 04:10:13 GMT
server: cloudflare
age: 13715636
etag: "49680e6a8201104ecb2353b1fa3e00ed"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ed0961a-MIA
content-length: 12542
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 evo.webp
images.linkcdn.cloud/global/game-skin1/banner/casino/ 19 KB
20 KB 100ms
98ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/casino/evo.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7ccc99fe4bcb7ca43695ca7a0fd7594de267e7602bafadc3bbc834b40d144d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 02:50:11 GMT
server: cloudflare
age: 13712148
etag: "e4d879f9171f77802f74bf9c1dc00ed3"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d525ed1961a-MIA
content-length: 19884
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET arcade.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 200 spr.webp
images.linkcdn.cloud/global/game-skin1/banner/slot/ 31 KB
31 KB 64ms
61ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/slot/spr.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530d407b18282c698c8a31919b0e1b5b35001f55d444ec6dfbe90a6c99a02eda

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 05:25:57 GMT
server: cloudflare
age: 2017458
etag: "9951b4f7358718bbc6bddbd14193dfff"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d52bf01961a-MIA
content-length: 32046
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jdb.webp
images.linkcdn.cloud/global/game-skin1/banner/fishing/ 81 KB
82 KB 62ms
60ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/fishing/jdb.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579f936be1e0e7d97aad8e0de3588eba82e4a906eb8664e9f4a3c5dda57a16bd

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 15:33:30 GMT
server: cloudflare
age: 10561476
etag: "db08c8cf1dc0b0c7d0fd1e9423fccfbe"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d52bf02961a-MIA
content-length: 83418
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cq9.webp
images.linkcdn.cloud/global/game-skin1/banner/fishing/ 56 KB
56 KB 63ms
61ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/fishing/cq9.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b20d34280657bde689d28818cb0dab7e9290c4a19f8ac21d7cb503afafa67e

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 04:04:26 GMT
server: cloudflare
age: 2739009
etag: "e64af5c1e5769865517f0a99cc0471ef"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d52bf03961a-MIA
content-length: 57412
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jli.webp
images.linkcdn.cloud/global/game-skin1/banner/fishing/ 58 KB
58 KB 62ms
61ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/fishing/jli.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d01e94e99ec79c91cf51e775cb5087a10d2aacacc7ed597ddafb4c30a00761

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 03:29:25 GMT
server: cloudflare
age: 2117575
etag: "34acb3afbf0b664349df9a2bba9148bd"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d52bf04961a-MIA
content-length: 58996
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fac.webp
images.linkcdn.cloud/global/game-skin1/banner/fishing/ 59 KB
59 KB 62ms
60ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/game-skin1/banner/fishing/fac.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001164cf4a5dd3034ad9d1f36129d62ca9786bb7a103020210aefc89d8bb50b2

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 05:00:49 GMT
server: cloudflare
age: 13706945
etag: "2fe35f2e32cf77bb89fae82a273cd8e1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d52bf05961a-MIA
content-length: 60144
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET download-apps.svg
borneo138.xyz//assets/img/navigation/ 0
0

GET
H2 441 gameapp.png
kaisar303top.top/custom/img/header/ 0
54 B 1167ms
145ms Image
text/plain 91.195.240.123
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaisar303top.top/custom/img/header/gameapp.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
content-length: 0
server: Parking/1.0

GET
H2 441 playstore.png
kaisar303top.top/custom/img/header/ 0
13 B 1128ms
147ms Image
text/plain 91.195.240.123
SEDO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaisar303top.top/custom/img/header/playstore.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: Parking/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
content-length: 0
server: Parking/1.0

GET
H2 200 servicemeter.svg
images.linkcdn.cloud/global/default/icon/ 28 KB
9 KB 109ms
80ms Image
image/svg+xml 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/default/icon/servicemeter.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040da3dcbf3ef2ec002fcb0ef03a68ad08e837638ad00c788850efcde83f32fa

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 14:39:06 GMT
server: cloudflare
age: 13717290
etag: W/"2f51bd3d83a25356d0059d24f55d63cf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8ade7d553889961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 payment.svg
images.linkcdn.cloud/global/default/icon/ 44 KB
10 KB 104ms
75ms Image
image/svg+xml 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/default/icon/payment.svg
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4e86505c11cc824a8aa369944ad9f8c91a22ef6fd9bef2935df5455a80dee9

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 14:39:05 GMT
server: cloudflare
age: 2799237
etag: W/"631a9c1df53fd584e29b102cb6e47dec"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8ade7d55388a961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET support.svg
kaisar303top.top/themes/1/img/header/ 0
0

GET
H2 200 whatsapp.png
images.linkcdn.cloud/global/default/contact/ 956 B
1 KB 103ms
74ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/default/contact/whatsapp.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a73cba1243e93a6fbcb7c1ef942eff5c12a934d3de1d98c306faed6198167d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2735823
cf-polished: origFmt=png, origSize=1034
content-disposition: inline; filename="whatsapp.webp"
content-length: 956
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Jan 2022 14:40:35 GMT
server: cloudflare
etag: "e4ba1ae4931e72e12408403e6cb15bd5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55388b961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 vider2.png
images.linkcdn.cloud/global/default/contact/ 4 KB
4 KB 102ms
74ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/default/contact/vider2.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e3ca49e3d9ddefa9eeb57be26071df2189fb32a1f4c0b4b823c71747087905

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2732217
cf-polished: origFmt=png, origSize=6996
content-disposition: inline; filename="vider2.webp"
content-length: 4386
cf-bgj: imgq:100,h2pri
last-modified: Mon, 04 Dec 2023 03:14:57 GMT
server: cloudflare
etag: "78e7bdbba563d6df4af5e89b32e542ee"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55388c961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Slot.png
images.linkcdn.cloud/global/icon-footer/ 492 B
659 B 103ms
75ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Slot.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb5e217573a652b196c6e3502fcef5bf28b58a26573e70183ef5b8af0926829

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13711927
cf-polished: origFmt=png, origSize=711
content-disposition: inline; filename="Slot.webp"
content-length: 492
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Mar 2021 10:35:58 GMT
server: cloudflare
etag: "07ba53b61266935d322bf16bf4a4d4f2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55388d961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pra_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 103ms
74ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/pra_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d12530cd5078164fbe4c0978c71a463fcb27ccc70f0921807da1c22e4f5112

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2732930
cf-polished: origFmt=png, origSize=5769
content-disposition: inline; filename="pra_footer.webp"
content-length: 3732
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "853671ac4884e69a7ce2e3f19c8b979f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55388e961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spd_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 110ms
82ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/spd_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a632ad85bf3cdcb5f2282479c16e285b420190b183560cf936253af24e7f155

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2750887
cf-polished: origFmt=png, origSize=3205
content-disposition: inline; filename="spd_footer.webp"
content-length: 2848
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "18db6e72b8512169d7090034c7d27cfd"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55388f961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pgs_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 109ms
81ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/pgs_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5e1028756507d77de5a77f0e02a91ff666ad2b6c7c49b3905be254c908872f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 10581849
cf-polished: origFmt=png, origSize=3279
content-disposition: inline; filename="pgs_footer.webp"
content-length: 2072
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "ca11cec2bc67a399c32086f10f42542c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553891961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 aisg_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
3 KB 109ms
81ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/aisg_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee0e7fc3b5a53a241da33c55022b47b909f8efaad6cf15c893b58f554dd1055

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Apr 2024 05:34:35 GMT
server: cloudflare
age: 10046425
etag: "a19e6a5553effd13a7e6cdf0ecef19e3"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553893961a-MIA
content-length: 2472
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fac_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 120ms
93ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/fac_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6bcfbb97bf77fda07de2e20374b6e24eee2971cce4f56a33d376c32f117cb35

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 09:26:48 GMT
server: cloudflare
age: 13707077
etag: "95bf50c06c989468cbd5651e11e211a1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553894961a-MIA
content-length: 2996
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 rtr_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
4 KB 106ms
78ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/rtr_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e15e4c677b5ef9a141d3573c34ced20ea3457432e151d573cd671c4ae9eee76

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 10:59:20 GMT
server: cloudflare
age: 3394945
etag: "955e70b4899e2220198193c10558a481"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553896961a-MIA
content-length: 3582
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 fastspin_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 120ms
93ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/fastspin_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f2a3d4a15e76fc4d83b20e174b073c89720c78d53c8accc5ffa1bd838e0d15d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2030484
cf-polished: origFmt=png, origSize=5398
content-disposition: inline; filename="fastspin_footer.webp"
content-length: 2992
cf-bgj: imgq:100,h2pri
last-modified: Fri, 24 Jun 2022 08:15:58 GMT
server: cloudflare
etag: "7eb6219a6b0a63a38e44f6c831632ddb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553897961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jli_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 121ms
94ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/jli_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4eed0ce40b2edf71e2dd5993ab087940c9bbbe22a69d134bc24b611b0197a34

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 03:13:53 GMT
server: cloudflare
age: 9417068
etag: "dddb8989601d541da2d836491f54ee72"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553898961a-MIA
content-length: 3268
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hcg_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 107ms
80ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/hcg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f9cbae983d8025b0667e42eb98e8623d80b0484b3e8407471eb352239e0125

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2030484
cf-polished: origFmt=png, origSize=6751
content-disposition: inline; filename="hcg_footer.webp"
content-length: 3296
cf-bgj: imgq:100,h2pri
last-modified: Wed, 28 Feb 2024 04:17:26 GMT
server: cloudflare
etag: "ab44a593d352b46a9de4c1fc1aec3f55"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d553899961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 adv_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 111ms
84ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/adv_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15dea0e62ffe7c7ae1517afbe07f60f781f7d1de398405b6c76c05f8809c78b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2741858
cf-polished: origFmt=png, origSize=6234
content-disposition: inline; filename="adv_footer.webp"
content-length: 3188
cf-bgj: imgq:100,h2pri
last-modified: Sun, 20 Mar 2022 11:22:59 GMT
server: cloudflare
etag: "ef58c5427bc8455c8db0e641ad499083"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55389a961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 nlc_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 107ms
80ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/nlc_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417e6857524e6577f7d71ed58dcd71b6b26c2f6e96ca20df40dd2604437d547d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2753876
cf-polished: origFmt=png, origSize=4108
content-disposition: inline; filename="nlc_footer.webp"
content-length: 1914
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Feb 2023 11:07:49 GMT
server: cloudflare
etag: "932f21493e2fc71c6d0038438c7bdf87"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55389c961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jdb_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 106ms
79ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/jdb_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150be84d781aca57db4c9047304279462e06451a48af734c207059f90b871f4a

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 09:00:23 GMT
server: cloudflare
age: 13707077
etag: "a52df6f465e5d9fcedb06af09861204c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55389d961a-MIA
content-length: 4102
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pls_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 120ms
93ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/pls_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007cf112c44010ac30602a7dbf0bb15ca9f8e8685149dfe8f5c84e5ea4d62631

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13711927
cf-polished: origFmt=png, origSize=3759
content-disposition: inline; filename="pls_footer.webp"
content-length: 1712
cf-bgj: imgq:100,h2pri
last-modified: Wed, 26 Jul 2023 11:01:29 GMT
server: cloudflare
etag: "e60a38963901df4b3b3e14fbaf73a670"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d55389f961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 viva_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 107ms
81ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/viva_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba1cb2b72866690c29a00ccac1926d509096d537ce07c8ce2ec879238487b29b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 04:36:05 GMT
server: cloudflare
age: 2703345
etag: "e62bdfc5cf4f5685621db8598790a95c"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5538a1961a-MIA
content-length: 3104
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 jok_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 111ms
85ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/jok_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebbbe3af2d3030998aef4e6476012f8d4567c8565f1483b061ec84c26e73a8b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13711927
cf-polished: origFmt=png, origSize=4281
content-disposition: inline; filename="jok_footer.webp"
content-length: 3220
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "3eba39e1b8f5db613029b4e969c5d78d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5538a2961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hbn_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 121ms
95ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/hbn_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2482cf898b4f41373215d05896fe173ddc03b8d93944a04d85655aa955bddf6

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 11765223
cf-polished: origFmt=png, origSize=2825
content-disposition: inline; filename="hbn_footer.webp"
content-length: 1818
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "5925e20e7e20b958005ac24c32b230db"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568b7961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 afg_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 114ms
88ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/afg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d1ca64889128aefac01f6248df5f8f71e189fc5cee0df6430d83e48d933acf

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 10581123
cf-polished: origFmt=png, origSize=4641
content-disposition: inline; filename="afg_footer.webp"
content-length: 2214
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Jun 2021 14:17:16 GMT
server: cloudflare
etag: "d9a8a10c3bbba7a99030ac51a696dc16"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568b8961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cq9_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 121ms
95ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/cq9_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf234fdb133f21a8647c5b3aea6a833a95dd3492928995e9f8d43bac459c5568

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2758148
cf-polished: origFmt=png, origSize=2661
content-disposition: inline; filename="cq9_footer.webp"
content-length: 1654
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "4068f9c18d9f515111ea72a15cfe4c17"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568b9961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 vrt_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 121ms
95ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/vrt_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c718a4bdc445eb69aff777ed2a17b7ea0fee507ff89860dfe17d484b491182d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 149838
cf-polished: origFmt=png, origSize=5583
content-disposition: inline; filename="vrt_footer.webp"
content-length: 4134
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "ced0428cdc7957c0daaed26db7081470"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568ba961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 amb_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 114ms
88ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/amb_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 173e40054a57f47d798163a8fd8913ce17b403092fa8db30480a685828ca3e3f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2703344
cf-polished: origFmt=png, origSize=5595
content-disposition: inline; filename="amb_footer.webp"
content-length: 3848
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "75c61feddb3c64b88c2fb39ae00a0704"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568bb961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ttg_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 2 KB
2 KB 115ms
89ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/ttg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5870bac93f382c6d61160d1e1e9b5a69756c3b058425319b81fdf86ae61869ab

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 4259304
cf-polished: origFmt=png, origSize=2996
content-disposition: inline; filename="ttg_footer.webp"
content-length: 1822
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:18 GMT
server: cloudflare
etag: "4a698e1e5b48da8eddf31ce38dad3b6f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568bc961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 micro_logo.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
4 KB 112ms
87ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/micro_logo.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480103ab66052164334090b1562873a9274503b07ef8581715bc1deb00fbfccb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13707077
cf-polished: origFmt=png, origSize=5862
content-disposition: inline; filename="micro_logo.webp"
content-length: 3574
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "c63c5e39cbbb9e4b42f83f6af415ccf0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568bd961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 pla_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 1 KB
1 KB 121ms
96ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/pla_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 756a637be72f34226188ca97e1efc96e50e0b36708b4999d46ec9a4d4439b584

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 9250304
cf-polished: origFmt=png, origSize=2354
content-disposition: inline; filename="pla_footer.webp"
content-length: 1230
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "9344e04e5b8b567d3441abfb0302976e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568be961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 png_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 3 KB
3 KB 116ms
91ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/png_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91daae17502efb0644acce2f1e50bae9e51f9158e1f7512dcbd6b51f932325f3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 10585899
cf-polished: origFmt=png, origSize=3613
content-disposition: inline; filename="png_footer.webp"
content-length: 2962
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "b943431b661f361ab29e6c07415a188e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568bf961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 hyd_footer.png
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 121ms
97ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/hyd_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1bbc49d387cd2e8b818a62860d19dbe2ffb2d53700b824713c6ad8478c5aac

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3504694
cf-polished: origFmt=png, origSize=19329
content-disposition: inline; filename="hyd_footer.webp"
content-length: 3958
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "1848e24d0181263cf93eef12c499ac7b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c0961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 nli_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 2 KB
2 KB 129ms
105ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/nli_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ec68868f12b962b684584c7f94ff834d4ecc754d1a5852b3c421946126b237

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13717700
cf-polished: origFmt=png, origSize=2179
content-disposition: inline; filename="nli_footer.webp"
content-length: 1706
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "ad2a601520dc9d9e0b59d9093301d240"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c2961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Casino.png
images.linkcdn.cloud/global/icon-footer/ 842 B
1008 B 121ms
97ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Casino.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351e16b8d32a4043be1ec126f8d844e4ae4a5fedcaff6a8f899b6a1b9f4f87e2

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 212673
cf-polished: origFmt=png, origSize=1023
content-disposition: inline; filename="Casino.webp"
content-length: 842
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Mar 2021 10:35:57 GMT
server: cloudflare
etag: "62d2d03005392ba42e42736774eb1095"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c3961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 afc_footer.webp
images.linkcdn.cloud/global/logo-footer/casino/ 5 KB
5 KB 114ms
90ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/afc_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f82e7c60ae88a0c9441ce61f562a96b36f492846044e579cbd43d1568a96260

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 23 May 2022 04:06:01 GMT
server: cloudflare
age: 13721882
etag: "f0e4c269a5fea68b84c7fc9687da321b"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c4961a-MIA
content-length: 5242
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 plc_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 121ms
97ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/plc_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d12530cd5078164fbe4c0978c71a463fcb27ccc70f0921807da1c22e4f5112

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2741858
cf-polished: origFmt=png, origSize=5769
content-disposition: inline; filename="plc_footer.webp"
content-length: 3732
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "853671ac4884e69a7ce2e3f19c8b979f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c5961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 gd8_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 3 KB
3 KB 129ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/gd8_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31e949a90e2201478a888cf4a289e241169d4c3288d1bc3cbb151a96ea72aad9

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13721882
cf-polished: origFmt=png, origSize=5745
content-disposition: inline; filename="gd8_footer.webp"
content-length: 3282
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "8f0900d1e988d01e9e4dd3a042a5b388"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c6961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 wmc_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 109ms
86ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/wmc_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b922fce507ed8ed7281c94ca61e8e682806600f48a1aa4bcbf76cbf8eaa74a

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 6370736
cf-polished: origFmt=png, origSize=4573
content-disposition: inline; filename="wmc_footer.webp"
content-length: 3958
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "760cf0ef12ff31207e0776cde6100b71"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c7961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ogs_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 3 KB
3 KB 115ms
92ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/ogs_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 479187ad7983a4cfc66b9680d5bf5d235dae6299d74661aa5de5ebc58f6b86e4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13707076
cf-polished: origFmt=png, origSize=4207
content-disposition: inline; filename="ogs_footer.webp"
content-length: 2768
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "f1911055033cb321f68cb137189983b8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568c9961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 evolution_footer.webp
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 147ms
124ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/evolution_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2989d4bfdc27fa66d65ef3c4c78a4bdb1def9a86470569ed2c62073639056f

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 06:46:57 GMT
server: cloudflare
age: 13711927
etag: "efff111ac679b0ba28d4585679b8a09f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568ca961a-MIA
content-length: 4016
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 alb_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 3 KB
3 KB 112ms
89ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/alb_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b1eeea42a2cb90b1b0b59ab5003b8b3dc9a8dbb2c258220b3f2dda88a2c1bf

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3602636
cf-polished: origFmt=png, origSize=3618
content-disposition: inline; filename="alb_footer.webp"
content-length: 3396
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "acf621b9cd59fd56fac8b5d7ef68eee6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568cb961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 drg_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 114ms
91ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/drg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaba44cb5c322513f0d0b364cab4cde0b300997852e9556ab7bc7a72956c9dd9

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 6191147
cf-polished: origFmt=png, origSize=5147
content-disposition: inline; filename="drg_footer.webp"
content-length: 4356
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "402e5931433b2e8187778f9ed473c9cc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568cc961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 agc_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 2 KB
2 KB 111ms
89ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/agc_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b4cb6c63c422e25546bf6417f17c5824a02919fa8af072382bdbb93c296b2fb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2735825
cf-polished: origFmt=png, origSize=3031
content-disposition: inline; filename="agc_footer.webp"
content-length: 2390
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "78938e22a482d37e0c73a5a4235a8737"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568cd961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 seg_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 113ms
90ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/seg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1e1301f75e8a72fecc51369f7e9f30769047d06056c9b033ca65a4dc9367c3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 21438531
cf-polished: origFmt=png, origSize=7647
content-disposition: inline; filename="seg_footer.webp"
content-length: 4068
cf-bgj: imgq:100,h2pri
last-modified: Thu, 31 Aug 2023 06:51:25 GMT
server: cloudflare
etag: "fecba7bfbcb5bd395cba116805baf2ff"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568ce961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 wec_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 4 KB
4 KB 148ms
126ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/wec_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab98d7f0f468c5c43588ad3b455f72483f2dfb74e846f7d4ff1adafa84e11a3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 378279
cf-polished: origFmt=png, origSize=8660
content-disposition: inline; filename="wec_footer.webp"
content-length: 3818
cf-bgj: imgq:100,h2pri
last-modified: Mon, 09 Oct 2023 09:25:04 GMT
server: cloudflare
etag: "ae66395234b9207d95f76cb644a2071b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568cf961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 lg8_footer.png
images.linkcdn.cloud/global/logo-footer/casino/ 5 KB
5 KB 146ms
124ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/lg8_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e78d707f8f38d42a019aa67aa6f8249f44a7ffde90bab99f47181fdee5e3fc

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 9907717
cf-polished: origFmt=png, origSize=21444
content-disposition: inline; filename="lg8_footer.webp"
content-length: 4698
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "7fa83794024c2b216a7401e039382294"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d0961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Sport.png
images.linkcdn.cloud/global/icon-footer/ 432 B
597 B 112ms
90ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Sport.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92704194fea55dcd36b9f45d7e48d4a0d4be2b8c45135e2cf82d6970e216816c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2758147
cf-polished: origFmt=png, origSize=632
content-disposition: inline; filename="Sport.webp"
content-length: 432
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Feb 2022 05:35:55 GMT
server: cloudflare
etag: "fef5defa74a57ccf04f50b7524026721"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d1961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 afb_footer.png
images.linkcdn.cloud/global/logo-footer/sports/ 6 KB
6 KB 114ms
92ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/sports/afb_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8182ff2937a1da5a487a85a36a7ae8200cdb821dc5ad539d20983d16b724e24

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 9417065
cf-polished: origFmt=png, origSize=9252
content-disposition: inline; filename="afb_footer.webp"
content-length: 5870
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "02cd1a26472a85d9a671b9405f72dbaa"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d2961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 iae_footer.png
images.linkcdn.cloud/global/logo-footer/sports/ 5 KB
5 KB 128ms
106ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/sports/iae_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b7cd8f1f5a77c825bc0847d9398ccdc5ccad87b7b433b7a40cc17f91d2e877

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 8781709
cf-polished: origFmt=png, origSize=6862
content-disposition: inline; filename="iae_footer.webp"
content-length: 4674
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "1e395734ba3707c8ed049e41c92b8adc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d3961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 sbo_footer.png
images.linkcdn.cloud/global/logo-footer/sports/ 3 KB
3 KB 145ms
123ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/sports/sbo_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cce7aaec78fa1982e6e29e1dcf3d877be41a52ef5d1f294cb34f7f307f06720

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2770395
cf-polished: origFmt=png, origSize=4134
content-disposition: inline; filename="sbo_footer.webp"
content-length: 2888
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "288d8a291020cb63d1810ff549ff51c4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d4961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 cmd_footer.png
images.linkcdn.cloud/global/logo-footer/sports/ 5 KB
5 KB 132ms
111ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/sports/cmd_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a64e8baab683ef9a4708e3072e4a139084b9297f6bf9462093a0120cd0fa85

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3508289
cf-polished: origFmt=png, origSize=6500
content-disposition: inline; filename="cmd_footer.webp"
content-length: 4756
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:17 GMT
server: cloudflare
etag: "7a086b5c4debb199f7328c5cdd011593"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d5961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 m88_footer.webp
images.linkcdn.cloud/global/logo-footer/sports/ 4 KB
4 KB 146ms
125ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/sports/m88_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1211d4bf1bccbede91eb5eb169a3c046614210089c2e80d9127f5e4ef36992a1

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 11:58:20 GMT
server: cloudflare
age: 2030484
etag: "3006c0fb288e43d53116d4de9aaa11e1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d6961a-MIA
content-length: 4152
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Arcade.png
images.linkcdn.cloud/global/icon-footer/ 258 B
425 B 150ms
130ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Arcade.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00eca9a381a9771a0ab7e757cf9677cb54aaba48704aca33713b289dc06a9c7

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2124068
cf-polished: origFmt=png, origSize=363
content-disposition: inline; filename="Arcade.webp"
content-length: 258
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Jun 2023 05:37:53 GMT
server: cloudflare
etag: "d6630a9d015bb15e65636154aa32becc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d8961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spaceman_footer.webp
images.linkcdn.cloud/global/logo-footer/casino/ 3 KB
3 KB 147ms
127ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/casino/spaceman_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7fffb2eded56aaa473d66e4521f67818eb54f12288a9be02588fb561e7957c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 23 May 2022 09:50:20 GMT
server: cloudflare
age: 13721882
etag: "911c57940ed7fedf898710bd7f7b2174"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568d9961a-MIA
content-length: 2706
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 spr_footer.webp
images.linkcdn.cloud/global/logo-footer/slot/ 4 KB
4 KB 149ms
129ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/slot/spr_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dde1eec803b275a3aefbc0087b145ebf2584a17349e91b7cd32edd44599b1c4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Thu, 13 Apr 2023 04:47:06 GMT
server: cloudflare
age: 2741858
etag: "e62549f16b0dfef5adc33abece658834"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568da961a-MIA
content-length: 3628
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Game%20Lain.png
images.linkcdn.cloud/global/icon-footer/ 578 B
750 B 145ms
125ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Game%20Lain.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d75f175950bdbadd30c42f0c4e79d2f0026c55c7ce3a70105cd3d0d3ad517a8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 3156593
cf-polished: origFmt=png, origSize=773
content-disposition: inline; filename="Game%20Lain.webp"
content-length: 578
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Mar 2021 10:35:57 GMT
server: cloudflare
etag: "48e3846862095d3a9eee2dfed80fd593"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568dc961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 lvg_footer.png
images.linkcdn.cloud/global/logo-footer/others/ 2 KB
2 KB 147ms
127ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/others/lvg_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63bd73c29d3b55538b0d3090a8eb8bc235e278a8db7e01dee4fdfdd3fed00de1

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 1701821
cf-polished: origFmt=png, origSize=4013
content-disposition: inline; filename="lvg_footer.webp"
content-length: 1582
cf-bgj: imgq:100,h2pri
last-modified: Thu, 08 Jun 2023 07:43:10 GMT
server: cloudflare
etag: "22975b1ad09f5fcd4b7a38c2fe550391"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568dd961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 ws1_footer.webp
images.linkcdn.cloud/global/logo-footer/others/ 3 KB
3 KB 148ms
128ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/others/ws1_footer.webp
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65ef5a414a33366eeba58a96bace5d8ffc2ab9db301837e787ae1374589aff30

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Aug 2023 05:07:45 GMT
server: cloudflare
age: 2759713
etag: "07da4e817e197e313effb777b7dfb177"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568de961a-MIA
content-length: 3030
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 mki_footer.png
images.linkcdn.cloud/global/logo-footer/others/ 3 KB
3 KB 149ms
129ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/others/mki_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b887bac65099ac4291eacdc318edd55fcd663f4de6dff380257a7c4de1a80d0b

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2740430
cf-polished: origFmt=png, origSize=2967
content-disposition: inline; filename="mki_footer.webp"
content-length: 2600
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "3f1df131d990223b70e5ffafa57b028e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e0961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 sv3_footer.png
images.linkcdn.cloud/global/logo-footer/others/ 5 KB
5 KB 160ms
140ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/others/sv3_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 445b50612612f6c95a49ebfb73da2640227721158d1e008fd70c77e73a60d7b3

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 13717700
cf-polished: origFmt=png, origSize=6291
content-disposition: inline; filename="sv3_footer.webp"
content-length: 4814
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:16 GMT
server: cloudflare
etag: "8eee5d77270c2ad7cd5c9ab7e26492c9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e2961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Lottery.png
images.linkcdn.cloud/global/icon-footer/ 690 B
834 B 150ms
130ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Lottery.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d422216d4021968d8261fb5e1c8d74c7975bc5dd5b020e9bc6d2446c53943811

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2118382
cf-polished: origFmt=png, origSize=866
content-disposition: inline; filename="Lottery.webp"
content-length: 690
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Mar 2021 10:35:57 GMT
server: cloudflare
etag: "40d46b7055fd2611b32d4630e2ac72f3"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e4961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 togel_footer.png
images.linkcdn.cloud/global/logo-footer/lottery/ 2 KB
2 KB 156ms
137ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/lottery/togel_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31034da610bbcdf580521984eb78c5e60bd4a280e55dcca0f82c03fd0cf096a2

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 1983105
cf-polished: origFmt=png, origSize=1984
content-disposition: inline; filename="togel_footer.webp"
content-length: 1584
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Sep 2022 03:26:45 GMT
server: cloudflare
etag: "8906a8d654f07064870fa89ea7dbd411"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e6961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 Poker.png
images.linkcdn.cloud/global/icon-footer/ 282 B
552 B 157ms
138ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/icon-footer/Poker.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567a2ea12bbaede565dd622bc1dca5314788f8d84d21b03bab448706d0d186f4

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2721127
cf-polished: origFmt=png, origSize=413
content-disposition: inline; filename="Poker.webp"
content-length: 282
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Mar 2021 10:35:58 GMT
server: cloudflare
etag: "3d903a7f9502368da9ffaddbeb15dc28"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e7961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H2 200 we1_footer.png
images.linkcdn.cloud/global/logo-footer/poker/ 3 KB
3 KB 160ms
141ms Image
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.linkcdn.cloud/global/logo-footer/poker/we1_footer.png
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6543063f1956b2cd2734b469f7959559866bb328be469c5469ef79b19d89e28d

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
cf-cache-status: HIT
age: 2928814
cf-polished: origFmt=png, origSize=3685
content-disposition: inline; filename="we1_footer.webp"
content-length: 2652
cf-bgj: imgq:100,h2pri
last-modified: Sat, 20 Feb 2021 10:03:15 GMT
server: cloudflare
etag: "59a95e2fc0b52ae7e47c4d79e8d9f00c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d5568e8961a-MIA
expires: Mon, 04 Aug 2025 12:18:21 GMT

GET
H3 200 rtpslot.gif
grandwin189ss.vip/assets/img/ 102 KB
103 KB 369ms
368ms Image
image/gif 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/rtpslot.gif
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: abe647cb32ed4cb23f1898121d423c82c4a2446b2d4f72d3ce466fb461ceff17

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "199c9-667528a8-3013a0;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 104905
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 wa.gif
grandwin189ss.vip/assets/img/img/ 568 KB
569 KB 373ms
371ms Image
image/gif 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandwin189ss.vip/assets/img/img/wa.gif
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 0c536f68eb981a55c85ddcddd921dff830b8fda186dba4999ab15c389fb311fd

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "8e1f2-667528a8-3013a6;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 582130
expires: Sun, 11 Aug 2024 12:18:21 GMT

GET
H3 200 vendor.js Show response
grandwin189ss.vip/dekstop/themes/default/js/ 548 KB
145 KB 240ms
239ms Script
text/javascript 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/js/vendor.js
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 90607332cf52e54c8ada047ef01464e8f906a0cd018d8b4d9ea62e008390abb5

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "88ee7-667528a8-320cbd;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 148239

GET
H3 200 global.js Show response
grandwin189ss.vip/dekstop/themes/default/js/ 16 KB
3 KB 295ms
293ms Script
text/javascript 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/js/global.js?v=2.0.1445
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 4fbb075a41f9cd0046692c9690cd709436ee936f71b8d2036c0ce06dd09e2d02

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "3ebf-667528a8-320cbf;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2656

GET
H3 200 index.js Show response
grandwin189ss.vip/dekstop/themes/default/js/ 1 KB
501 B 295ms
294ms Script
text/javascript 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/js/index.js?v=2.0.1445
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 3be7f4e8814541b7830943c8f8b1bb4bbf9bcdc13eb87104d26645d0bc7a9a24

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "5ac-667528a8-320cc0;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 459

GET
H3 200 jquery.validate.min.js Show response
grandwin189ss.vip/dekstop/themes/default/vendor/jquery-validate/ 24 KB
7 KB 295ms
294ms Script
text/javascript 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/themes/default/vendor/jquery-validate/jquery.validate.min.js
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: 93c2af91a0986f3262c875d979ff5d50e85b5ac81418951d9b2b7fe3eb76a2fd

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2024 07:15:52 GMT
server: LiteSpeed
etag: "5f80-667528a8-320caa;br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7568

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 246ms
127ms Stylesheet
text/css 2607:f8b0:400d:c02::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Requested by

Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/duka/costum/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 12:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 12:18:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 12:18:21 GMT

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 264ms
97ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeJI91R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 10:15:40 GMT
x-content-type-options: nosniff
age: 266561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9896
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:55:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 10:15:40 GMT

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 232ms
65ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 17:13:02 GMT
x-content-type-options: nosniff
age: 327919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10040
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Jul 2025 17:13:02 GMT

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkebIl1R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 287ms
121ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIflMapbsEk7TDLdtEz1BwkebIl1R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0c3882f90b8879eeb874f3d91adab02b88b46088d264eebb16910c8daf4792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 12:13:48 GMT
x-content-type-options: nosniff
age: 345873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10012
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:09:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Jul 2025 12:13:48 GMT

GET
H2 200 cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
fonts.gstatic.com/s/chakrapetch/v11/ 10 KB
10 KB 223ms
57ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v11/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 14:22:45 GMT
x-content-type-options: nosniff
age: 251736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9748
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:51:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 14:22:45 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://grandwin189ss.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H3 200 getBalances.php Show response
grandwin189ss.vip/dekstop/function/ 0
53 B 100ms
95ms XHR
text/html 162.0.222.252
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://grandwin189ss.vip/dekstop/function/getBalances.php
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/themes/default/js/vendor.js
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 162.0.222.252 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.trezor.page
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://grandwin189ss.vip/dekstop/index.php
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 140ms
67ms Script
text/javascript 2606:4700:10::6814:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 43807
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8ade7d58efe331ea-MIA
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 379 B
514 B 242ms
68ms Script
text/html 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4867736&@f16&@g1&@h1&@i1&@j1722773902318&@k0&@l1&@mGRANDWIN189%20Mainkan%20game%20terbaik%20yang%20di%20sediakan%20oleh%20slot%20thailand%20dengan%20permainan%20seru%20dan%20cashback%2C%20serta%20bonus%2080%25%20untuk%20new%20member.%20Nikmati%20game%20judi%20online%20slot%20gacor%20bersama%20situs%20slot%20thailand%2C%20dapatkan%20pola%20RTP%20terbaru%2C%20Bonus%20melimpah%2C%20Serta%20layanan%2024%20jam%20tanpa%20henti.&@n0&@ohttps%3A%2F%2Fgrandwin189ss.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-47384043&@b3:1722773902&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 94bfbe689251a6fdf44a787cf4bc4eab4b01f8ce1e962776237e4e02979c43eb

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 12:18:22 GMT
Connection: close
Content-Length: 379
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
e.dtscout.com/e/ 8 KB
4 KB 203ms
132ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4867736&@f16&@g1&@h1&@i1&@j1722773902318&@k0&@l1&@mGRANDWIN189%20Mainkan%20game%20terbaik%20yang%20di%20sediakan%20oleh%20slot%20thailand%20dengan%20permainan%20seru%20dan%20cashback%2C%20serta%20bonus%2080%25%20untuk%20new%20member.%20Nikmati%20game%20judi%20online%20slot%20gacor%20bersama%20situs%20slot%20thailand%2C%20dapatkan%20pola%20RTP%20terbaru%2C%20Bonus%20melimpah%2C%20Serta%20layanan%2024%20jam%20tanpa%20henti.&@n0&@ohttps%3A%2F%2Fgrandwin189ss.vip%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-47384043&@b3:1722773902&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3900672b1827f63f6c3746b7aa067bee3c35c169c4fcf44ea56df81bdd4ed88

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
x-t: 0.266
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLVxxi347HYwRlFoiJDkBD5DNDkHbzripFmIaNasu8HorSahPs1nzDJxCZhcO7Wv534vNmn7s1Et86BSXqexdkJse9o5dMpqa4pK%2FXi6Cp8PYv1WDt3kbRpmMhrHVPaU8DVULmc0EvD%2FV7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 8ade7d5b9af4da13-MIA
expires: Sun, 04 Aug 2024 12:18:21 GMT

GET
H2 200 /
t.dtscout.com/idg/ Frame 76F5 0
0 205ms
134ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001722773902C5ADF6888CD5A3D280
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://grandwin189ss.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8ade7d5cfb74a53f-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 12:18:22 GMT
expires: Sun, 04 Aug 2024 12:18:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CF10QWMkOZ1Iy18wM7W6pzAz2EdkFyjIfehtVwaecRsiZDLnCFVrKDQ53Ohpp1X6OJWhzvz0eosOA%2Bavv04kg%2F1QDkM8as%2FZoZOCAF0mwz6inUypxLsI9GDS9nUNMSUq8WQXNpdw7qBKfDs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ 2 KB
2 KB 239ms
57ms Script
application/javascript 23.222.79.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=grandwin189ss.vip&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.222.79.162 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-222-79-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

78c2411761b1b4aceedb38874763a58a02714100252d9b7bfd896c8b57cc6a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 12:18:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1397
Expires: Sun, 04 Aug 2024 13:18:22 GMT

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 324ms
68ms Script
application/javascript 3.128.134.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.128.134.25 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-128-134-25.us-east-2.compute.amazonaws.com

Software

Resource Hash

9507e9b9e7a3f71b8f8902bc492d028f362a34819835790347fcb155dd522f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 12:18:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 152ms
39ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:01 GMT
server: cloudflare
age: 98972
etag: W/"651ed18d-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8ade7d5d2804031c-MIA
expires: Wed, 07 Aug 2024 12:18:22 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
348 B 124ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=grandwin189ss.vip&_ss=4pff7ekmr3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=53pp&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3edd40ba36613c0229d5b4a454d917ad6a147ca726997ed72f6ccd970009c9c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:22 GMT
x-t: 0.189
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxwhHXSR%2FMu4GFcNR7ANCdo5%2FTyRHbMrkZGbYlmZ5aonhIeEBA90iSMkoktcGvJgAt3nDBeteQil2a1pK%2FExh%2FZZGrxpFaFEup%2BPwzt7YP3HaudAj0QoLCrAMF80bJfLi%2BHBDPb%2FtkPLG7s%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8ade7d5c8ba1da13-MIA
expires: Sun, 04 Aug 2024 12:18:21 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 225ms
63ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1722773902996&dn=AFWU&iso=0&pu=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&r=https%3A%2F%2Fgrandwin189ss.vip%2F&t=GRANDWIN189%20Mainkan%20game%20terbaik%20yang%20di%20sediakan%20oleh%20slot%20thailand%20dengan%20permainan%20seru%20dan%20cashback%2C%20serta%20bonus%2080%25%20untuk%20new%20member.%20Nikmati%20game%20judi%20online%20slot%20gacor%20bersama%20situs%20slot%20thaila&chmob=0
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:23 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 61 KB
19 KB 226ms
60ms Script
text/javascript 108.138.85.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-101.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb487c970b6a254eab7ea2ef8c3392d91856ea1c7192e80c52c512acec38c9aa

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 20:00:10 GMT
content-encoding: gzip
via: 1.1 c6bba20dc3ec8526b729f039a2fdf7ae.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 18:45:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P2
age: 58694
x-amz-server-side-encryption: AES256
etag: W/"6d5f005a10a94879ca0081a13ed411b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: xdUoVj5j-s-8j7aWqjwyL7XlUY4AZceiwkwPC-ApXadpFUyfhMXCaA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
602 B 200ms
81ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001722773902C5ADF6888CD5A3D280&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&r=https%3A%2F%2Fgrandwin189ss.vip%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&j=https%3A%2F%2Fgrandwin189ss.vip%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:23 GMT
x-t: 1.39
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygrF%2BOzONQ67BfrZkQg6MJPP454ADmVPbDqjvsr4nqRXpz2rju%2B7kuKLMUBWYoq0ZNMJ8ARMsg3teDfCoHFQp%2FRlMYatmlLm%2BHGpxqhIr8xyQMP14%2BGqu3OOfoEXNNov6PFty%2BSn0LdyJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 8ade7d5eae30a4c7-MIA
expires: Sun, 04 Aug 2024 12:21:29 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001722773902C5ADF6888CD5A3D280
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=0926c32a5d118202
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Ml9DM1ZvQWVBM3JHNzVIelRmb3VjN2dlT3FaZUxxcDlQSmhOSlRzQzIyX1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Ml9DM1ZvQWVBM3JHNzVIelRmb3VjN2dlT3FaZUxxcDlQSmhOSlRzQzIyX1E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEGn3Rsz5k2ptpN_hLRPGBO4&google_cver=1

70 B
440 B

60ms
60ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEGn3Rsz5k2ptpN_hLRPGBO4&google_cver=1
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Sun, 04 Aug 2024 12:18:24 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 12:18:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEGn3Rsz5k2ptpN_hLRPGBO4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm
pxdrop.lijit.com/a/ Frame D445 0
0 238ms
56ms Document
text/html 23.222.79.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1497.794&cid=c026&cls=sync
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=grandwin189ss.vip&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.79.232 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-79-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://grandwin189ss.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sun, 04 Aug 2024 12:18:23 GMT
Expires: Sun, 11 Aug 2024 12:18:23 GMT
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/k/ 2 KB
2 KB 298ms
55ms Script
application/javascript 23.48.203.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.8609341177112897&stid=ZGAACmavcY8AAAAIQRaIAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.203.105 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-203-105.deploy.static.akamaitechnologies.com

Software

Resource Hash

369da6745b69f7d648396019215562fafd494ad452bfaaddc3b1e09b6a632914

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 12:18:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1384
Expires: Sun, 04 Aug 2024 13:18:23 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 68ms
68ms Image
image/gif 3.128.134.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php&event_source=dtscout&rnd=0.8609341177112897&exptid=ZGAACmavcY8AAAAIQRaIAw%3D%3D&fcmp=false

Requested by

Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.128.134.25 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-128-134-25.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 12:18:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 75ms
65ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=https%3A%2F%2Fgrandwin189ss.vip%2F&pu=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: f553b0e550c94c3a5033feae5cece66da823c0f4f5fbd68ad9a94f5931c5ae55

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Sun, 04 Aug 2024 12:18:23 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1369
content-type: application/javascript

GET
H2

200

27519
tags.bluekai.com/site/ Frame 5F88
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1722773903293.6
https://tags.bluekai.com/site/27519?id=212748806079742&ret=html&random=1722773903

0
0

245ms
120ms

Document
text/html

23.220.132.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212748806079742&ret=html&random=1722773903
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=https%3A%2F%2Fgrandwin189ss.vip%2F&pu=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-132-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

bk-server: 8ed3
content-length: 71
content-type: text/html
date: Sun, 04 Aug 2024 12:18:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-request-id: d86f5d2473aeb29eb065b19b08937516

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sun, 04 Aug 2024 12:18:23 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212748806079742&ret=html&random=1722773903
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP006
x-33x-status: 400000000040080C

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1722773903293.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1722773903293.1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=41dcb0d9-2068-47aa-9f9b-7c57ebb0fa40&bid=1e2n4ou

70 B
440 B

57ms
57ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=41dcb0d9-2068-47aa-9f9b-7c57ebb0fa40&bid=1e2n4ou
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Sun, 04 Aug 2024 12:18:23 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

location: https://ps.eyeota.net/match?uid=41dcb0d9-2068-47aa-9f9b-7c57ebb0fa40&bid=1e2n4ou
date: Sun, 04 Aug 2024 12:18:23 GMT
server: Kestrel
content-length: 191

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2&expected_cookie=aa210e72-0501-4cc4-86fc-f1350d66c58a

0
142 B

81ms
80ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2&expected_cookie=aa210e72-0501-4cc4-86fc-f1350d66c58a
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9199187108544CF0B99E628DEB8AEB40 Ref B: MIAEDGE2511 Ref C: 2024-08-04T12:18:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe2o6NXKDwLGzcYZWVJw==

Redirect headers

date: Sun, 04 Aug 2024 12:18:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4B8C4946488B46E19D8027880D6F3A8B Ref B: MIAEDGE2511 Ref C: 2024-08-04T12:18:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=15927&puuid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&_rand=1722773903293.2&expected_cookie=aa210e72-0501-4cc4-86fc-f1350d66c58a
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYe2o6LV/7mClxky+TViQ==

GET
H2

204

a32b7d58-7c66-4c64-96f2-d1322fffcb81
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&ts=1722773903293.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66af718ffb1b0600017d330c%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D66af718ffb1b0600017d330c%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/6592763482150600026?ch=66af718ffb1b0600017d330c&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/a32b7d58-7c66-4c64-96f2-d1322fffcb81?ttd_puid=&gdpr=0&gdpr_consent=

0
562 B

64ms
63ms

Image
text/plain

54.84.119.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/a32b7d58-7c66-4c64-96f2-d1322fffcb81?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Server: 54.84.119.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-119-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:24 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/a32b7d58-7c66-4c64-96f2-d1322fffcb81?ttd_puid=&gdpr=0&gdpr_consent=
date: Sun, 04 Aug 2024 12:18:23 GMT
server: Kestrel
content-length: 229

GET

v2
usermatch.krxd.net/um/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a32b7d58-7c66-4c64-96f2-d1322fffcb81&ttd_puid=f62a81f1-e8fd-4a0d-84cc-d697bf7af123%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad

0
0

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1722773903293.5
https://idsync.rlcdn.com/405716.gif?partner_uid=212727678389025

42 B
439 B

165ms
69ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212727678389025
Requested by: Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 12:18:23 GMT
referrer-policy: unsafe-url
server: 33XP007
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212727678389025
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2avcY9Z4ujjCqSXAg%3D%3D&us_privacy=&random=1722773903293.7&pu=https%3A%2F%2Fgrandwin189ss.vip%2Fdekstop%2Findex.php
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212727652623561&seg_code=33x&random=1722773903
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212727652623561%26seg_code%3D33x%26random%3D1722773903

43 B
1 KB

65ms
65ms

Image
image/gif

68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212727652623561%26seg_code%3D33x%26random%3D1722773903

Requested by

Host: grandwin189ss.vip
URL: https://grandwin189ss.vip/dekstop/index.php

Protocol

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://grandwin189ss.vip/dekstop/index.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 12:18:23 GMT
an-x-request-uuid: ccb23a49-fb55-464a-be33-e6bb9fcfa743
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 12:18:23 GMT
an-x-request-uuid: bbe6d7f1-b3fa-4124-b21d-f32e871953ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212727652623561%26seg_code%3D33x%26random%3D1722773903
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.73; 38.132.118.73; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame 6BE4 0
0 242ms
88ms Document
text/html 23.48.203.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1497.23400&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.8609341177112897&stid=ZGAACmavcY8AAAAIQRaIAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.203.112 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-203-112.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://grandwin189ss.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sun, 04 Aug 2024 12:18:23 GMT
Expires: Sun, 11 Aug 2024 12:18:23 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 222ms
118ms XHR
application/json 108.138.85.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-101.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Aug 2024 12:18:25 GMT
content-encoding: gzip
via: 1.1 7e2fab32e11703f7384de4d8fef36848.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 18:45:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P2
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: g_lFJ8rqn4f9zIAnNip_SX6QFI8Yq4hxHHJL7MB1qvGnTmMUNbj1Yw==

GET
H2 200 favicon-1815075327.png
images.linkcdn.cloud/V2/350/favicon/ 896 B
1 KB 40ms
39ms Other
image/webp 2606:4700:4400::ac40:9ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.linkcdn.cloud/V2/350/favicon/favicon-1815075327.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8abce271e22ff346cb1660e2ec7bed5534e0fc87330aad5cb92ebee0df865e0c

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 12:18:24 GMT
cf-cache-status: HIT
age: 13683689
cf-polished: origFmt=png, origSize=3067
content-disposition: inline; filename="favicon-1815075327.webp"
content-length: 896
cf-bgj: imgq:100,h2pri
last-modified: Wed, 19 Jan 2022 05:42:36 GMT
server: cloudflare
etag: "1b80ec552407dde2fd5b0369f87fa798"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ade7d64794a961a-MIA
expires: Mon, 04 Aug 2025 12:18:24 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 532 B
1 KB 250ms
108ms XHR
application/json 18.209.253.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.253.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-253-154.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a1a08147fb4275185292db82c6dbb9f8755041a75b422758d2ad5add0bd64f35

Request headers

Referer: https://grandwin189ss.vip/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 12:18:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://grandwin189ss.vip
cache-control: no-cache
x-server: 10.40.9.38
access-control-allow-credentials: true
content-length: 532
expires: 0

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 14F5 0
0 152ms
50ms Document
text/html 108.138.85.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.85.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-85-101.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://grandwin189ss.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 44517
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 03 Aug 2024 23:56:28 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 55545918b0c914bb8f5282930649df4c.cloudfront.net (CloudFront)
x-amz-cf-id: 7G4nGGLnlDKp2KkGylP16HPlL9k9yvsQGk8bn5eoP-4rQebSs1cjIA==
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/popular.svg

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/slot.svg

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/sport.svg

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/casino.svg

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/arcade.svg

Domain: borneo138.xyz
URL: https://borneo138.xyz//assets/img/navigation/download-apps.svg

Domain: kaisar303top.top
URL: https://kaisar303top.top/themes/1/img/header/support.svg

Domain: usermatch.krxd.net
URL: https://usermatch.krxd.net/um/v2?partner=tapad

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

100 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
grandwin189ss.vip/	1969-12-31 23:59:59	Name: PHPSESSID Value: mv5ua1estsjgaqg5notffghhas
.linkcdn.cloud/	1970-01-20 22:32:55	Name: __cf_bm Value: pFieHxORSbYkMMBO28LJ20p2Cufz7r0oao8tpo9hPO4-1722773901-1.0.1.1-vMVa3ZV848_l9HYZZyJyTPvfXTMSMzRC1MvZPIFe67Fh4JkP6U5zk94ZeBzbFeTf5RG6q18GgY30NDtqDYXM6Q
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstCfa4867736 Value: 1722773902318
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstCla4867736 Value: 1722773902318
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstCmu4867736 Value: 1722773902318
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstPn4867736 Value: 1
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstPt4867736 Value: 1
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstCnv4867736 Value: 1
grandwin189ss.vip/	1970-01-21 07:18:29	Name: HstCns4867736 Value: 1
.dtscout.com/	1970-01-20 22:32:58	Name: m Value: 1
.dtscout.com/	1970-01-20 22:32:57	Name: st Value: 1
.dtscout.com/	1970-01-21 00:56:53	Name: df Value: 1722773902
.dtscout.com/	1970-01-21 00:41:03	Name: l Value: 6D001722773902C5ADF6888CD5A3D280
.grandwin189ss.vip/	1970-01-21 00:38:10	Name: __dtsu Value: 6D001722773902C5ADF6888CD5A3D280
.lijit.com/	1970-01-20 22:34:20	Name: lijitAcc3PC Value: 1
.sharethis.com/	1970-01-21 07:18:29	Name: __stid Value: ZGAACmavcY8AAAAIQRaIAw==
.sharethis.com/	1970-01-21 07:18:29	Name: __stidv Value: 2
.dtscdn.com/	1970-01-21 02:50:39	Name: uid Value: 6D001722773902C5ADF6888CD5A3D280
.tynt.com/	1970-01-21 07:18:29	Name: uid Value: CoIKS2avcY9Z4ujjCqSXAg==
.tynt.com/	1970-01-21 00:42:29	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1722773903294%7D%5D
.tapad.com/	1970-01-20 23:59:17	Name: TapAd_TS Value: 1722773903459
.tapad.com/	1970-01-20 23:59:17	Name: TapAd_DID Value: f62a81f1-e8fd-4a0d-84cc-d697bf7af123
.go.affec.tv/	1970-01-21 07:18:29	Name: ck Value: 66af718ffb1b0600017d330b
.go.affec.tv/	1970-01-21 07:18:29	Name: oo Value: 1
.onaudience.com/	1970-01-21 07:18:29	Name: cookie Value: 323fc7ba2ce69f7b
.onaudience.com/	1970-01-20 22:34:20	Name: done_redirects236 Value: 1
.linkedin.com/	1970-01-21 00:42:29	Name: li_sugr Value: aa210e72-0501-4cc4-86fc-f1350d66c58a
.linkedin.com/	1970-01-21 07:18:29	Name: bcookie Value: "v=2&d413e455-7cf9-4d27-8bf8-36934a7299cf"
.linkedin.com/	1970-01-20 22:34:20	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2989:u=1:x=1:i=1722773903:t=1722860303:v=2:sig=AQH33M7wO2jQEJ0BjErkSoxsnSuKRDFI"
.33across.com/	1970-01-21 07:18:29	Name: 33x_ps Value: u%3D212727678389025%3As1%3D1722773903535%3Ats%3D1722773903535
.eyeota.net/	1970-01-21 07:18:29	Name: mako_uid Value: 1911d5398cc-101a0000010a4a9d
.eyeota.net/	1970-01-20 22:32:54	Name: SERVERID Value: 19101~DM
.adsrvr.org/	1970-01-21 07:18:29	Name: TDID Value: a32b7d58-7c66-4c64-96f2-d1322fffcb81
.adnxs.com/	1970-01-21 08:08:53	Name: receive-cookie-deprecation Value: 1
.t.sharethis.com/	1970-01-20 22:53:03	Name: pxcelPage_default_c010_C Value: 1_0_1722773903812
.bluekai.com/	1970-01-21 02:52:05	Name: bkdc Value: phx
.bluekai.com/	1970-01-21 02:52:05	Name: bkpa Value: KJpEnXTLu5Dl1MzN+nEwEnWN1Mx0Bfsy1e9p1nz6Bpauv6G+Lz6G0zNHv6g1uX7w+ED6Bp/0BpKtBe9s91GVeXQ=
.bluekai.com/	1970-01-21 02:52:05	Name: bku Value: 4tL99/2hgtj5OnGd
.tapad.com/	1970-01-20 23:59:17	Name: TapAd_3WAY_SYNCS Value: 1!5220
.adnxs.com/	1970-01-21 00:42:29	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C')kcHr*!]tbP6j2F-XstGt!@Dwv%!M@2
.adnxs.com/	1970-01-21 00:42:29	Name: XANDR_PANID Value: V6y9EeFoxn_3BKLDueU23P6OwjhcvNLVrjO1qaY6iNDid-9ecnx4RCtu_MLfTSYjuUN5ad6DpuiD4KHjXu5mrW__KAeH7KS0suYKlDA9u-E.
.adnxs.com/	1970-01-21 00:42:29	Name: uuid2 Value: 6592763482150600026
.doubleclick.net/	1970-01-21 08:08:53	Name: IDE Value: AHWqTUnhuFJKUyQvbQLvCIKcD9ZFWV5DxsMVJW_4BUFg2mi6jDzru31G0gCiAhwA1zs
.ml314.com/	1970-01-21 07:18:29	Name: pi Value: 3646053438943920213
.go.affec.tv/	1970-01-21 07:18:29	Name: pt Value: eyJhbiI6eyJkdCI6MTcyMjc3MzkwMywiaWQiOiI2NTkyNzYzNDgyMTUwNjAwMDI2IiwibHMiOjE3MjI3NzM5MDN9LCJ0dCI6eyJkdCI6MTcyMjc3MzkwMywiaWQiOiJDb0lLUzJhdmNZOVo0dWpqQ3FTWEFnPT0iLCJscyI6MTcyMjc3MzkwM30sInRkIjp7ImR0IjoxNzIyNzczOTA0LCJpZCI6ImEzMmI3ZDU4LTdjNjYtNGM2NC05NmYyLWQxMzIyZmZmY2I4MSIsImxzIjoxNzIyNzczOTA0fSwidiI6MH0=\|1722773904\|870bc212f3653c43c77f73fca9cbd6b08b11defb
.rlcdn.com/	1970-01-21 07:18:29	Name: rlas3 Value: A+YLBfsipKeE2dy6VOfXPE6P1rbbe1G0n5GwaVKS70c=
.rlcdn.com/	1970-01-20 23:59:17	Name: pxrc Value: CI/jvbUGEgUI6EcQABIFCNtOEAE=
.pippio.com/	1970-01-21 07:18:29	Name: did Value: 6tjQhmCFhdvse_Ej
.pippio.com/	1970-01-21 07:18:29	Name: didts Value: 1722773904
.pippio.com/	1970-01-20 23:59:17	Name: nnls Value:
.pippio.com/	1970-01-20 23:59:17	Name: pxrc Value: CJDjvbUGEgYIgr0rEAA=
.crwdcntrl.net/	1970-01-21 05:01:41	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:01:41	Name: _cc_id Value: 7ed6351312d43014522371e417e46919
.crwdcntrl.net/	1970-01-21 05:01:41	Name: _cc_cc Value: "ACZ4nGNQME9NMTM2NTQ2NEoxMTYwNDE1MjI2N0w1MTRPNTGzNLRkAIK09YUTGOCA594HS8aPsgz%2FGRkZDs7bYAJj%2F%2BvSgjEXzjjABGOfO3qIGcb%2BuXEKC4x9d%2B1Tbhj78OI5cPHzSOwbpx6xwdgN%2FzVhzEtIwgDbMzxI"
.crwdcntrl.net/	1970-01-21 05:01:41	Name: _cc_aud Value: "ABR4nGNgYGBIW184gQEGmBkYuGaAWYtaQSTjw3ogCQBlTgVE"
.grandwin189ss.vip/	1970-01-21 05:01:41	Name: _cc_id Value: 7ed6351312d43014522371e417e46919
.grandwin189ss.vip/	1970-01-21 05:01:41	Name: _cc_cc Value: ACZ4nGNQME9NMTM2NTQ2NEoxMTYwNDE1MjI2N0w1MTRPNTGzNLRkAIK09YUTGOCA594HS8aPsgz%2FGRkZDs7bYAJj%2F%2BvSgjEXzjjABGOfO3qIGcb%2BuXEKC4x9d%2B1Tbhj78OI5cPHzSOwbpx6xwdgN%2FzVhzEtIwgDbMzxI
.grandwin189ss.vip/	1970-01-21 05:01:41	Name: _cc_aud Value: ABR4nGNgYGBIW184gQEGmBkYuGaAWYtaQSTjw3ogCQBlTgVE
.grandwin189ss.vip/	1970-01-20 22:34:20	Name: panoramaId_expiry Value: 1722860304469
.adsrvr.org/	1970-01-21 07:18:29	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi-sOeZsqKaPRAFGAEgASgCMgsIxJin1ciimj0QBTgBWgZsb3RhbWVgAg..
.sitescout.com/	1970-01-21 07:18:29	Name: ssi Value: a6d531ab-40c1-4961-8278-8b93f5131f14#1722773905346
.pubmatic.com/	1970-01-20 22:34:20	Name: KTPCACOOKIE Value: YES
.agkn.com/	1970-01-21 07:18:29	Name: ab Value: 0001%3A8%2B2YPKDv8FLcLHF7Eu%2BLFdxdxd5pY2m1
.smartadserver.com/	1970-01-21 07:18:29	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 07:18:29	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.sitescout.com/	1970-01-20 23:16:05	Name: _ssuma Value: eyI3IjoxNzIyNzczOTA1NDA1fQ
.clickagy.com/	1970-01-21 08:08:53	Name: cb Value: Zq9xkQuZcsOXhxBHlWwm0o_B
.pubmatic.com/	1970-01-21 07:18:29	Name: KADUSERCOOKIE Value: 78ED3890-0050-49BD-9E6C-9330A01F7322
.smartadserver.com/	1970-01-21 07:18:29	Name: pid Value: 3849158156674138670
.yahoo.com/	1970-01-21 07:18:51	Name: A3 Value: d=AQABBJFxr2YCEPFMj8OEOd5ruv_wJXmnWrcFEgEBAQHDsGa5ZtxH0iMA_eMAAA&S=AQAAAtS7E9ma4_plro9OXAhfacQ
.rubiconproject.com/	1970-01-21 07:18:29	Name: audit_p Value: 1\|fbscmtlQiIImPwID4xAEgzbCx9/gCcAN4DYw1kAoN/ybz16xSA9sXWmbuEpd+bZ/8LrUlX/JI47yUhTWCqUS/D1eMj+H8dOH49sMIeUhac4e6suH4Zvqm4Atycv0XhVSf4ftCwTvmb422xs8s0zNuGDw8Z8vTu4Tk50LKQzdh9Q=
.rubiconproject.com/	1970-01-21 07:18:29	Name: khaos Value: LZFJ3P0B-18-GFPM
.rubiconproject.com/	1970-01-21 07:18:29	Name: khaos_p Value: LZFJ3P0B-18-GFPM
.rubiconproject.com/	1970-01-21 07:18:29	Name: audit Value: 1\|fbscmtlQiIImPwID4xAEgzbCx9/gCcAN4DYw1kAoN/ybz16xSA9sXWmbuEpd+bZ/8LrUlX/JI47yUhTWCqUS/D1eMj+H8dOH49sMIeUhac4e6suH4Zvqm4Atycv0XhVSf4ftCwTvmb422xs8s0zNuGDw8Z8vTu4Tk50LKQzdh9Q=
.analytics.yahoo.com/	1970-01-21 07:18:29	Name: IDSYNC Value: 19bk~2jxo
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: i20cxrwzwphvc5lgawvkc43l
.c.cintnetworks.com/	1970-01-20 22:32:57	Name: TiPMix Value: 16.039813723224995
.c.cintnetworks.com/	1970-01-20 22:32:57	Name: x-ms-routing-name Value: self
.truoptik.com/	1970-01-21 07:18:29	Name: to_master_s Value: 58bf4a394da7725c469cb5e053bb699c
.truoptik.com/	1970-01-21 07:18:29	Name: to_version_s Value: b2
aorta.clickagy.com/	1970-01-21 08:08:53	Name: chs Value: [{"ch":"120","t":"2024-08-04 12:18:25"},{"ch":"4","t":"2024-08-04 12:18:25"}]
.amazon-adsystem.com/	1970-01-21 04:18:29	Name: ad-id Value: A74YfvdPjEQDrTxSYWXlMCM
.amazon-adsystem.com/	1970-01-21 08:08:53	Name: ad-privacy Value: 0
sync.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id Value: s%3A0-a4533711-055c-547a-73ad-a9b8e938b7fc.3UjGAUtZ3J6exqeD7PWzxhaOb%2BLgLSuby3HJ%2BhbjPYk
.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id Value: s%3A0-a4533711-055c-547a-73ad-a9b8e938b7fc.3UjGAUtZ3J6exqeD7PWzxhaOb%2BLgLSuby3HJ%2BhbjPYk
sync.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id-v2 Value: s%3ApFM3EQVcVHpzram46Ti3_CaEdkk.acoDXVJAypx4d7jxGhPzxKlVvNhuAEuyqcZMCmSsVZc
.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id-v2 Value: s%3ApFM3EQVcVHpzram46Ti3_CaEdkk.acoDXVJAypx4d7jxGhPzxKlVvNhuAEuyqcZMCmSsVZc
sync.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id-v3 Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEGcYBCCR4721BjABOgTwU00QQgRaiEKu.q4axOMNRWqyJK4SxSMwKIF7L7ve4Cemv4Bh4OCS14bM
.srv.stackadapt.com/	1970-01-21 07:18:29	Name: sa-user-id-v3 Value: s%3AAQAKIOEPig05Vqz7wDFSZnir7E4XyBt1YVycXWaR4RSf1G3eEGcYBCCR4721BjABOgTwU00QQgRaiEKu.q4axOMNRWqyJK4SxSMwKIF7L7ve4Cemv4Bh4OCS14bM
.turn.com/	1970-01-21 02:52:05	Name: uid Value: 8366738501912325373
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: crtw0waqgvk3w2ys1k1ankul
.ib.mookie1.com/	1970-01-21 07:18:29	Name: ibkukiuno Value: s=3f303759-8bfa-445d-a085-2bac5d20970f&h=&v=0&l=-8584788329795613434&op=&hl=0&vlu=0&tcs=1&dcc=-8584788329795613434
.ib.mookie1.com/	1970-01-21 07:18:29	Name: ibkukinet Value: 646215241=-8584788329795613434
.demdex.net/	1970-01-21 02:52:05	Name: demdex Value: 66735057869403777561301741422816105088
.adform.net/	1970-01-20 23:17:32	Name: C Value: 1
.dpm.demdex.net/	1970-01-21 02:52:05	Name: dpm Value: 66735057869403777561301741422816105088
.adform.net/	1970-01-20 23:59:17	Name: uid Value: 8617666005302372355
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 57

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://grandwin189ss.vip/dekstop/index.php Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://kaisar303top.top/custom/img/header/gameapp.png Message: Failed to load resource: the server responded with a status of 441 ()
network	error	URL: https://kaisar303top.top/custom/img/header/playstore.png Message: Failed to load resource: the server responded with a status of 441 ()
network	error	URL: https://usermatch.krxd.net/um/v2?partner=tapad Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
borneo138.xyz
cdn.tynt.com
cm.g.doubleclick.net
de.tynt.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
grandwin189ss.vip
ic.tynt.com
idsync.rlcdn.com
images.linkcdn.cloud
kaisar303top.top
map.go.affec.tv
match.adsrvr.org
nh162r8lww.wudftnbdmd.net
pd.sharethis.com
pixel.onaudience.com
ps.eyeota.net
px.ads.linkedin.com
pxdrop.lijit.com
s10.histats.com
s4.histats.com
secure.adnxs.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
usermatch.krxd.net
borneo138.xyz
kaisar303top.top
usermatch.krxd.net
104.18.34.83
108.138.85.101
142.4.219.198
162.0.222.252
172.217.222.156
18.209.253.154
18.238.80.114
23.220.132.230
23.222.79.162
23.222.79.232
23.48.203.105
23.48.203.112
2606:4700:10::6814:1247
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:21::8d65:780b
2606:4700:4400::ac40:9ac7
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
2620:1ec:21::14
3.128.134.25
34.197.192.192
35.244.154.8
35.71.131.137
54.38.113.3
54.84.119.200
67.202.105.22
67.202.105.23
67.202.105.32
68.67.179.87
91.195.240.123
001164cf4a5dd3034ad9d1f36129d62ca9786bb7a103020210aefc89d8bb50b2
007cf112c44010ac30602a7dbf0bb15ca9f8e8685149dfe8f5c84e5ea4d62631
00f872571e04dba010d513681304a0b33c333ec7b84d510a90572dbc02eb609e
02ac63e86bef9c01268dc0c0be3ed1538cac41cb8cd94935b0a1aacb7c9fa1da
040da3dcbf3ef2ec002fcb0ef03a68ad08e837638ad00c788850efcde83f32fa
04324f621defc72007c4e635cfd12903161b5f8aa1067ad5f619314fc153be56
04b922fce507ed8ed7281c94ca61e8e682806600f48a1aa4bcbf76cbf8eaa74a
062267448e378fb056aeb9e8fb8199cedb093cf9ffc1c4ef8da9c725e0b96bad
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08f4d14ca277bb2d64aef1d7124cc68a10371989053e9eb74d012b5ba22cee26
09011ccb854e721c42a976c72353e9197a3f5c03f75a4ded5c403dd3da0db5bb
0a632ad85bf3cdcb5f2282479c16e285b420190b183560cf936253af24e7f155
0b1e414e8f559bf08f7fa5a8ce5edee0bd8fb8fd06d1ef98c27c41ae0aeddf29
0b7fffb2eded56aaa473d66e4521f67818eb54f12288a9be02588fb561e7957c
0c536f68eb981a55c85ddcddd921dff830b8fda186dba4999ab15c389fb311fd
0cce7aaec78fa1982e6e29e1dcf3d877be41a52ef5d1f294cb34f7f307f06720
1122b9a86580fef04de80a5f6ada631aa87c6a28290656249b4fb8a4a7aeb3f9
12078b3ccbf25b191d2635e89c1fce9ddca7e59db81a4dc3c73e32661e5e4556
1211d4bf1bccbede91eb5eb169a3c046614210089c2e80d9127f5e4ef36992a1
13647fc7871f728aaed58c72feb1e23ccfb6be8b86cc780401ebaff323bbfd51
150be84d781aca57db4c9047304279462e06451a48af734c207059f90b871f4a
1511ad90cbb14cdbe980681722971c9f6abd38cf73d9979957acd43b8f5f638d
15a680d35919f0f62b69b363915d4170d2488f04b498a3896a4a4ec46580f977
173e40054a57f47d798163a8fd8913ce17b403092fa8db30480a685828ca3e3f
17601f1b1378cadf9e4f7a5b80733a08b445eab126832ef3561cba635a931cac
18235ac53f747e7faa83476a79aa4e5da5826897fa288c4bbd6ea711f7777df3
1b5ff4f7d310f76293b084338a89e7ffe17670a12860300b64ca9e014a39b306
1bddb45ca1a6e41a3c5f60ac9593efce2af76790e73f993453c0e48aba0ea26c
1c718a4bdc445eb69aff777ed2a17b7ea0fee507ff89860dfe17d484b491182d
1e15e4c677b5ef9a141d3573c34ced20ea3457432e151d573cd671c4ae9eee76
1e2d096f241b155cf6fbcf86fea31747be90871851ad281af8eaef09a9d000ce
20c33c7280b825a9b5b580c7fe43e2f7ab3368e62edfc46341363d4bc63194be
211aa4d1467e9b3e99fe533cd80954a0653e0bb05976d73fff01697cf87324e5
2372a2231c83bab6f163a3a2e07bde6d2d02c2a611a4621960b7f6519a46b657
23b1eeea42a2cb90b1b0b59ab5003b8b3dc9a8dbb2c258220b3f2dda88a2c1bf
258558c0a4964c4bc9e36c3541a950651c7787904fac6176ac3e671b6aaf2c51
263c35df46ef8d220ccc7247cdaba68bfce04f9a33f36bcc242bd2926b22dbbd
28b479e0cf236b2a5d3404526b672b441dd76f59a65ebe5fba4904e8130bbe6d
28e5bc851f8c1f0f11d244ed331972ed7ef11247ebb99300b3173bfb840212b8
2ac1e88c61557472e190643d7ca8f4bd781c852ff1af9811af7a426ed96d0bbc
2c430522ff8b34a86d2a21e5210c31ae65c50da7c1f6f0c72584fe066d619577
2c937d55104be14583d63595551915e3505e4c7a4e062ea1a9a59acc698d28ab
2cda3e85cf85945a46d126c78bb51ab4832a2f2feb6e6e96b02d8d60acc85f0c
2d75f175950bdbadd30c42f0c4e79d2f0026c55c7ce3a70105cd3d0d3ad517a8
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ebbbe3af2d3030998aef4e6476012f8d4567c8565f1483b061ec84c26e73a8b
2f4e8a937802ba30ad17b56f3eeae94c093cafa3905e7f80549121d8a842d7d5
2fb5e217573a652b196c6e3502fcef5bf28b58a26573e70183ef5b8af0926829
30d4a3e804403131de5d4943af9428f66431d702079f15b9f860fce84327a878
31034da610bbcdf580521984eb78c5e60bd4a280e55dcca0f82c03fd0cf096a2
3147d36eee667354929c20b50b4868bab56d35152b9e3a0942dadb243321de18
31a73cba1243e93a6fbcb7c1ef942eff5c12a934d3de1d98c306faed6198167d
31e949a90e2201478a888cf4a289e241169d4c3288d1bc3cbb151a96ea72aad9
34a64e8baab683ef9a4708e3072e4a139084b9297f6bf9462093a0120cd0fa85
351e16b8d32a4043be1ec126f8d844e4ae4a5fedcaff6a8f899b6a1b9f4f87e2
369da6745b69f7d648396019215562fafd494ad452bfaaddc3b1e09b6a632914
3722a6635d2efd7be6b68c38ab1e5f2b1a95ee98dbb66858c015b9a55b893f9e
39de4ee00869cadcfcc596597d49c1b0ab741981735d9c3d90821f4e80d9ae70
3a4cc90d682d513fc9ff399800e9863716f1e0a857519e066073edc9d393db20
3ab98d7f0f468c5c43588ad3b455f72483f2dfb74e846f7d4ff1adafa84e11a3
3b4cb6c63c422e25546bf6417f17c5824a02919fa8af072382bdbb93c296b2fb
3be7f4e8814541b7830943c8f8b1bb4bbf9bcdc13eb87104d26645d0bc7a9a24
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e9ed54f3d93502a7e5dbe97feb270ea2b62a56ec4cb522a929e014e67fd9ecb
3ecbb648adb42d576665dde9b420e4c582ddb81ee6bab5b4eac56e27ae464fd4
3f1ef95939d17dd212093792c87398f37c37cf30e83f2c1e45062cc6e82af348
406c2b0cf20e0f7a831f2955b12b27947e5032827c3735c8b15d8bb4213086d9
409dc44bd16130430d25ad5cd2af52600c2461e2225573b8d78e87c8c3280e47
417e6857524e6577f7d71ed58dcd71b6b26c2f6e96ca20df40dd2604437d547d
445b50612612f6c95a49ebfb73da2640227721158d1e008fd70c77e73a60d7b3
456f48f55fb7c7b11ce3754c93240a7a293e5d2a1320a8f2fe1813a987531260
4635fb95f670026ef456ae440b235287e2293c64f0e544692cbf071fcb573f85
46e0597e30efae210e80019483b8f08e48c571005591566dffd3b2908ef94281
46e51d05e46509ee9766ab642242af6fac72524d5b9b3aaa41603ecd37039c34
479187ad7983a4cfc66b9680d5bf5d235dae6299d74661aa5de5ebc58f6b86e4
480103ab66052164334090b1562873a9274503b07ef8581715bc1deb00fbfccb
480698c7b768d6dbb022f9e672d498519483bac29915d04472424a95454304dc
48d1695096030bfc6da1ef37199fe63f50c9ecceafbda93a6b6c4b5c6093c88b
490e26e9b8102a5ede334caf2db1af7221fc5df651aaee24624356acc4b6d89f
49b20d34280657bde689d28818cb0dab7e9290c4a19f8ac21d7cb503afafa67e
4a4f3714d52c2a68c1c9b0fcd216a56432ac30e3cb5b0e39777d075e4dcf4f49
4adbd8db4c67b643fd261f8bbb37942f3328504cdbafc166cd95260609c22ab6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c26de07b29b8110e68993e0eb5c45632fc8c41445910c5e76fd583724972835
4d5dabc04915758eac5417b8dc6e57a570b9068e560f143423bcb972df740ea5
4df67c702517552510526094f61626848282615dda2b0fa12ee2118ecba12998
4f1e1301f75e8a72fecc51369f7e9f30769047d06056c9b033ca65a4dc9367c3
4f91c351a8a9d7a3b5d793d98e30abc1e7c6c3bd44b1cfb275e033aa9b2032e2
4fa9f9fe1caa690f332655136280d9aa687c10f2e81d06b9fc72ee5799c9fcbb
4fbb075a41f9cd0046692c9690cd709436ee936f71b8d2036c0ce06dd09e2d02
530d407b18282c698c8a31919b0e1b5b35001f55d444ec6dfbe90a6c99a02eda
5326f4353a5b67cc76a52a1af49c9e52fb7d14cb4c29aeb9ea265b197f48f8f3
536fd20c8bafa2723e13150c9c97b47dcd121eead4ca3e416ab2c4cebe7447d2
567a2ea12bbaede565dd622bc1dca5314788f8d84d21b03bab448706d0d186f4
57271e358c60ce2987e5a72a0193ad45a3af953aa0b9387e7fe3241b948fcf65
573f70fbe63df1a3f48f70489ad0cd55f287c5fa8997aa869634bf406e90c331
579317389d3028a5db0e25148c552c8eacb0603d9047d1fda8d2a6e0244abe5b
579f936be1e0e7d97aad8e0de3588eba82e4a906eb8664e9f4a3c5dda57a16bd
5870bac93f382c6d61160d1e1e9b5a69756c3b058425319b81fdf86ae61869ab
5b1af413d1f2566f7d20914a80c5a837af218cfe62731ab9a677e3877cec92cd
5e1a6e61731f8404c41ce89bd29c19208536c9e41764c69370c8a11e6775eba2
602502c8732a4ad6eb4879726da9287f556733e3a0b0a6d3b2ef8b114811b263
60e78d707f8f38d42a019aa67aa6f8249f44a7ffde90bab99f47181fdee5e3fc
62ecf7f9c0f111de3ee0a86b18ea7756c79bb7b67b871e9e03814420d94383fa
6361deec410014f61d4eb4303f7e695085a25f8109111746aafd5560f5ba0b4e
63bd73c29d3b55538b0d3090a8eb8bc235e278a8db7e01dee4fdfdd3fed00de1
64d12530cd5078164fbe4c0978c71a463fcb27ccc70f0921807da1c22e4f5112
64d64c865b072963791c15c8d2f4548436f21c7962685f3a5a515136a227bcbf
64dd7fb4cbb52916f608a36344a6be8490c3d8ec7eb10ed20ec2551ce5b94880
6543063f1956b2cd2734b469f7959559866bb328be469c5469ef79b19d89e28d
65ef5a414a33366eeba58a96bace5d8ffc2ab9db301837e787ae1374589aff30
66b4b0414012e1377d8cd0b31ae87072da545e8e4aa9db1ba64c42553dea4ce1
66fe63165b7775b6159a4118722a0a2802219312d74ee7f07238caabde26fa66
67da6dda2e141164c191a754b5a58e358f7478c0ac0fbbe38ece80e23e45405b
67de06848bdd4c9dbff62b42e6b7a3450c4325b1bea77b4d5f888fb1d84e2b70
68ccf2651610cac27c7c2dda1a8d4c31107f3d0128aae37a0a7f74efb42495a4
692bc8ec90079a39812d48bdb78f998b12148fbeef41326212c2f305a44c03f2
69319b865e54827cf6d71d2c30cf3465056311bc9ddf9637ac5dd7db0d883ed8
6a0c3882f90b8879eeb874f3d91adab02b88b46088d264eebb16910c8daf4792
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6dde1eec803b275a3aefbc0087b145ebf2584a17349e91b7cd32edd44599b1c4
70623a3dc1fe3ed080b5bb4b1da4929e0d70e100638e1d15152e5b90100d86a2
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
728f415b66dccfc201cbb991096768ecfe35fffa6c782582103d5dd8b00019fc
74d1ca64889128aefac01f6248df5f8f71e189fc5cee0df6430d83e48d933acf
756a637be72f34226188ca97e1efc96e50e0b36708b4999d46ec9a4d4439b584
7652f22a85db4df8a3a85524a15ff9298abdb1204112f0b704b44d86ee73abe0
77e06b7be027a704a05b79538a85a2250df7f0047bfe3644107d75c2de49151c
78c2411761b1b4aceedb38874763a58a02714100252d9b7bfd896c8b57cc6a12
79f69f4a4182edee4f71d231e837935360c7cc24541a2e8d4987cf89290b9ddc
79f9cbae983d8025b0667e42eb98e8623d80b0484b3e8407471eb352239e0125
7a94e745d0611fcd224035b5b54a58c017de34677d3362ea364e365c9bd45d8e
7b0ed5caa1dac6bc1c994e462f6b88d40b320fca07c349766634219da3858d44
7d1b39e974a4e016481b9420e0422ec53e8a39ba3941d2ce590e5edbd7fbe0ca
7f2a3d4a15e76fc4d83b20e174b073c89720c78d53c8accc5ffa1bd838e0d15d
803d4c132f1d89a296a18787ddb284c83126ec0ac9f0639d2a71c104973d72e6
82f9f3cef4264a3d2a8c58e68462a667472a6e4701c3700163542d096af5c5b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d993c3ad58de7e2d63e957daa786f149050cf22ec22f5a84c1ad2ee9f17706
856d9a6980e6c0374351da22ca8e2384afbb824c1b39a2b9d8f6aa6536df1d5d
86664a77da8b3ccad854b3a6bb20e20dbb02d6200df42c32d14ea6dd4326ed23
87a7d2a278c30a56bdce22deb28b4bd379887f0920f121c207867a7a5e71d58d
89226cea0bf28282ee807a780fbfc7c82a9584de1dd32fd7d2136e1e0b024129
8a82eeaa3fb2d53e2790c9401fe9a63f173091caac608aaf847a5a88b36c6d8e
8abce271e22ff346cb1660e2ec7bed5534e0fc87330aad5cb92ebee0df865e0c
8b1bbc49d387cd2e8b818a62860d19dbe2ffb2d53700b824713c6ad8478c5aac
8f82e7c60ae88a0c9441ce61f562a96b36f492846044e579cbd43d1568a96260
90607332cf52e54c8ada047ef01464e8f906a0cd018d8b4d9ea62e008390abb5
90f8a18f06ac8724ea14d28f14e7023518cdfc8581f6ce47ba8e4e353256ebd8
91daae17502efb0644acce2f1e50bae9e51f9158e1f7512dcbd6b51f932325f3
91f328f280dac341fcc4094e8b1d3b628624cf68b2d26896f058874da85d0803
923b285caa0f09e0a12ec1b9af36a1aca2266a8f3b8a981dd41d437e91f0fd9e
926e4c0bd035c11a249776f4331c0f06a4263131dda635e230c2bfc584e327e2
92704194fea55dcd36b9f45d7e48d4a0d4be2b8c45135e2cf82d6970e216816c
92b7f4cb9efce299e53fa8d7ba09c48290a91ed47cafd25def307a13c4bf0e3e
93130714a3c7e498382a893dde3f5a94efbb9e6100ee33322c7b0dfe76ec771b
93c2af91a0986f3262c875d979ff5d50e85b5ac81418951d9b2b7fe3eb76a2fd
94bfbe689251a6fdf44a787cf4bc4eab4b01f8ce1e962776237e4e02979c43eb
9507e9b9e7a3f71b8f8902bc492d028f362a34819835790347fcb155dd522f6b
95d21f583d318534c4664ff2ce428a0e88fc71f20db861abb5703217adaadda4
976ec43c7a26910ec33842d4cc44a2b2de741737ed0bc53c0911983ad8d4c11a
9a83115d983bb1324c79a41db6d60d85583835c268939115a41025b4d388f3fa
9c9040bf2c6b62cc1366ba767fd14ea43e971b3f669c3a12150e214bf43adbf6
9da7c0c8ebdfd2230e25d1fc14d9e5814d4cc9457666e86b9abd581e15a18f6d
9dd7a0ade87ca4ba308f52f775d8db1cbb22c5a9f671a96ad86dbeb6258dd95e
a1a08147fb4275185292db82c6dbb9f8755041a75b422758d2ad5add0bd64f35
a2482cf898b4f41373215d05896fe173ddc03b8d93944a04d85655aa955bddf6
a3ac45a9b34c24e7757cc8d0d09620fe35dd34287c135248119baf3b29d32c78
a3bfe9de0a5fb603c05637081b984edb1c54998ab999404b939ac047455e0e53
a425a6bb0ce62bbf1dff7b2633420076f93dbef719a9abafca6650aff52dd4b6
a7729b60630a85fe7db815573a8b13ce9fc492e3535e939f2cf5520c8f5bfacc
abe647cb32ed4cb23f1898121d423c82c4a2446b2d4f72d3ce466fb461ceff17
ad858a379977cbe2994ccb47bf5cb3899691ee775435e89b6f1a7555b304382b
aee0e7fc3b5a53a241da33c55022b47b909f8efaad6cf15c893b58f554dd1055
b15dea0e62ffe7c7ae1517afbe07f60f781f7d1de398405b6c76c05f8809c78b
b3900672b1827f63f6c3746b7aa067bee3c35c169c4fcf44ea56df81bdd4ed88
b3dea08aa20f9e41f3baaf251309e5f1aae906e8db3b17edfcb0b9a1620e8e4f
b4b7cd8f1f5a77c825bc0847d9398ccdc5ccad87b7b433b7a40cc17f91d2e877
b4d01e94e99ec79c91cf51e775cb5087a10d2aacacc7ed597ddafb4c30a00761
b4ea8bfa7b3455e61a574a4f6fcbebb87f18fb167157cab6f4b52fda8451d780
b6175ddc30db417ad2a5b16cefcd92467ca9ca4d19757e360981b4373af70d7f
b6cd0a20aa0beee8a3a8766e089221f7bcd2bae378a8db7ef93411347801b8e3
b7f8c8d65e7dcc7ca6bc1b3a7915051d48a606303d9bde76b2ca766a066997d8
b887bac65099ac4291eacdc318edd55fcd663f4de6dff380257a7c4de1a80d0b
b8ec68868f12b962b684584c7f94ff834d4ecc754d1a5852b3c421946126b237
ba1cb2b72866690c29a00ccac1926d509096d537ce07c8ce2ec879238487b29b
bc5e1028756507d77de5a77f0e02a91ff666ad2b6c7c49b3905be254c908872f
bd66527417013764301e965365cfd5beb84e589db57c69c99c63cbcdf4f1037f
bf311784b36d28cb713e242688e183f67a50009e78053c5c9750cf63ba1b5a3d
bfac2cbf35977c380a0a4d5b5ad1bf96149317cb65d23a7334f8e002466a1744
c1e3ca49e3d9ddefa9eeb57be26071df2189fb32a1f4c0b4b823c71747087905
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c2623133622f804d73391532c8741808c49b3e97425eb675d662ba31a3260864
c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1
c707f18d5e16477e924a21ab5fef6af47e7641894b470c726798a4f1b7106fd0
ce97fe11b02e5dfa17303535879e288e4463c87d34e80bdc3b15dfa516cdbcaa
cf234fdb133f21a8647c5b3aea6a833a95dd3492928995e9f8d43bac459c5568
cf6d975b72859fce895140f11d8b854a256a82370dd9fce02b074b3b6dbbf75e
d00eca9a381a9771a0ab7e757cf9677cb54aaba48704aca33713b289dc06a9c7
d17326604cbfd27b5b1ef8e225d73ac04e1e226ad7bff14f68cde663f85d7b02
d3edd40ba36613c0229d5b4a454d917ad6a147ca726997ed72f6ccd970009c9c
d422216d4021968d8261fb5e1c8d74c7975bc5dd5b020e9bc6d2446c53943811
d4eed0ce40b2edf71e2dd5993ab087940c9bbbe22a69d134bc24b611b0197a34
d5bcd5728ba56790980ede52b45072d10f98de7fc6cbd7ae1d03906f858303ad
d6bcfbb97bf77fda07de2e20374b6e24eee2971cce4f56a33d376c32f117cb35
d8182ff2937a1da5a487a85a36a7ae8200cdb821dc5ad539d20983d16b724e24
d95f05da1bb83176a8560dfc6de751b1346e9d99789aa10008d4d7a87696852a
db62b02b9fe5ee90bbfc0d3ba0ccd109bc02944a6d9e9718eec10d36abece699
de73962d3088a790a69647f591075331eb8890299ebb0f0592776898ff37e929
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1c7341974c11eaa3be169869f9e2fae9467be1f629b9e6af14778b60ca21028
e29fe498101f2534f2c49044a3c7faaecba2e213d4e148b2246617e1a6141c09
e3386d44d96b0f1e322726b3d8ce95a87504c58c1a1802b24aa3be96ebf7f092
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4855fea2017b227faa386ff3a8cd3e85eaaac3d7320c375caeaa5757a7e243b
e4ce0149e02818859e4d67c8d72969185663c06d37f3d823b8a36a3f3a32b8b8
e55acbe1cf612660777de102013319f710e0b6821e8e699ff3dd7333125414ae
eaba44cb5c322513f0d0b364cab4cde0b300997852e9556ab7bc7a72956c9dd9
ebb170e5bcbb28e354146bc337b97b60de5fad6a43b9bdd7479c8cae31a9fa3a
edc8c41f712e07e786ab5fc9c11be270486a9a3d5d8235cbd174da15c608ec96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2989d4bfdc27fa66d65ef3c4c78a4bdb1def9a86470569ed2c62073639056f
f14d371061bcd0e573cb6c8a8c5dd0f9e4eef00acb6ac6377f0d96cd10b314d1
f46d7dae9f7618ffd2342f6bbda67496af1b8a520d74ae40b55e1e83e79d3064
f4729fa35b03a50aef2c4b8d1df5df9df7a843c4ee6e6d16aa473a08e9563306
f50e16b680d2a99552d25a877ba8e97d2ca95919012fce0b3c24fda1c48ea086
f553b0e550c94c3a5033feae5cece66da823c0f4f5fbd68ad9a94f5931c5ae55
f5950a3127d0b893373ba927ba605b91b8d7341a3c011cff48c7f6b3329eabc5
f6466d3eb2ff093b21aa5e0975d06ced104fe03d3ee9693b75a693228c1be1fd
f6ab3c4fe6345190964e4ca5db480f634204d9a3054c67044535fafaed3ea479
f890f8b23b53566520a7b86d07cce96c5f5abb5d79c4d8a4130be61cb5cb9767
f8d5991c7497473ea91cfe27dfaa054534c69e64905c12e888d028183aae99bc
f97fd35fbfa44f7ca4e4ddfb823b74283a3475ba6ad7402b04a1590644b47744
faee04b44264c3341536ca8637e779391238a8974b46fd13a44c9abf2be0745b
fb2fbf011a65f2b4d36cb99125da3fca8f55abb506312e1173f68c49823e1aa4
fb487c970b6a254eab7ea2ef8c3392d91856ea1c7192e80c52c512acec38c9aa
fb4e86505c11cc824a8aa369944ad9f8c91a22ef6fd9bef2935df5455a80dee9
fe7ccc99fe4bcb7ca43695ca7a0fd7594de267e7602bafadc3bbc834b40d144d

grandwin189ss.vip Open in urlscan Pro 162.0.222.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

95 %HTTPS

26 %IPv6

25 Domains

32 Subdomains

27 IPs

5 Countries

9287 kBTransfer

10654 kBSize

100 Cookies

4 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

grandwin189ss.vip Open in urlscan Pro
162.0.222.252 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

95 %
HTTPS

26 %
IPv6

25
Domains

32
Subdomains

27
IPs

5
Countries

9287 kB
Transfer

10654 kB
Size

100
Cookies

261 HTTP transactions
1 data transactions