urlscan.io logo urlscan.io
SecurityTrails logo

doremi88-ouc.site Open in urlscan Pro
2606:4700:3037::ac43:cf8a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://doremi88-0gd.site/
Effective URL: https://doremi88-ouc.site/
Submission: On November 30 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 16 domains to perform 175 HTTP transactions. The main IP is 2606:4700:3037::ac43:cf8a, located in United States and belongs to CLOUDFLARENET, US. The main domain is doremi88-ouc.site.
TLS certificate: Issued by WE1 on November 21st 2024. Valid for: 3 months.
This is the only time doremi88-ouc.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::ac43:b5a2 (United States)

ASN13335 (CLOUDFLARENET, US)
doremi88-0gd.site
1    2606:4700:3037::6815:5c1b (United States)

ASN13335 (CLOUDFLARENET, US)
beritaluar.com
13    2606:4700:3037::ac43:cf8a (United States)

ASN13335 (CLOUDFLARENET, US)
doremi88-ouc.site
1    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:3036::6815:5480 (United States)

ASN13335 (CLOUDFLARENET, US)
godisfavor.com
2    2607:f8b0:4004:c1d::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
100    2600:9000:2501:e400:c:5e6d:a440:21 (United States)

ASN16509 (AMAZON-02, US)
d2rzzcn1jnr24x.cloudfront.net
6    2606:4700:20::681a:ecb (United States)

ASN13335 (CLOUDFLARENET, US)
api2-d8r.imgnxa.com
3    2606:4700:3032::ac43:c0c4 (United States)

ASN13335 (CLOUDFLARENET, US)
jp-api.namesvr.dev
27    2606:4700:10::ac43:f0e (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
6    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::6816:2c8e (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
3    2606:4700:3036::6815:4ad0 (United States)

ASN13335 (CLOUDFLARENET, US)
tawk.link
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
Apex Domain
Subdomains		 Transfer
100 cloudfront.net
d2rzzcn1jnr24x.cloudfront.net
3 MB
28 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 11098
va.tawk.to — Cisco Umbrella Rank: 10657
277 KB
13 doremi88-ouc.site
doremi88-ouc.site
528 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
628 B
6 imgnxa.com
api2-d8r.imgnxa.com
3 MB
5 godisfavor.com
godisfavor.com
1 MB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
83 KB
3 tawk.link
tawk.link — Cisco Umbrella Rank: 42743
622 KB
3 namesvr.dev
jp-api.namesvr.dev — Cisco Umbrella Rank: 72950
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4827
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
41 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 beritaluar.com
beritaluar.com
949 B
1 doremi88-0gd.site
doremi88-0gd.site
524 B
175 16
Domain Requested by
100 d2rzzcn1jnr24x.cloudfront.net doremi88-ouc.site
23 embed.tawk.to beritaluar.com
embed.tawk.to
13 doremi88-ouc.site beritaluar.com
doremi88-ouc.site
6 www.facebook.com doremi88-ouc.site
6 api2-d8r.imgnxa.com doremi88-ouc.site
5 va.tawk.to embed.tawk.to
5 godisfavor.com doremi88-ouc.site
4 connect.facebook.net doremi88-ouc.site
connect.facebook.net
3 tawk.link
3 jp-api.namesvr.dev doremi88-ouc.site
2 www.google-analytics.com www.googletagmanager.com
1 raw.githubusercontent.com
1 cdn.jsdelivr.net embed.tawk.to
1 fonts.googleapis.com doremi88-ouc.site
1 www.googletagmanager.com doremi88-ouc.site
1 beritaluar.com
1 doremi88-0gd.site 1 redirects
175 17
Subject Issuer Validity Valid
beritaluar.com
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
doremi88-ouc.site
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
godisfavor.com
WE1		 2024-10-16 -
2025-01-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-08 -
2024-12-07		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
imgnxa.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
namesvr.dev
WE1		 2024-11-05 -
2025-02-03		 3 months crt.sh
tawk.to
WE1		 2024-11-19 -
2025-02-17		 3 months crt.sh
tawk.link
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://doremi88-ouc.site/
Frame ID: 32A45BEC052F48AF67AB6B750ECC5397
Requests: 162 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Frame ID: 1654D9136EFB22B7F7EBF4FB4E79A860
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Frame ID: AA994FD9243CF12D8ECB4731412060BC
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Frame ID: F65B6E2C8A1A90417CCD353E7FE7F7C7
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1 pesan baru

Page URL History Show full URLs

  1. https://doremi88-0gd.site/ HTTP 301
    https://beritaluar.com/doremi88/ Page URL
  2. https://doremi88-ouc.site/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

175
Requests

100 %
HTTPS

100 %
IPv6

16
Domains

17
Subdomains

16
IPs

1
Countries

9425 kB
Transfer

11819 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://doremi88-0gd.site/ HTTP 301
    https://beritaluar.com/doremi88/ Page URL
  2. https://doremi88-ouc.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://doremi88-0gd.site/ HTTP 301
  • https://beritaluar.com/doremi88/

175 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
beritaluar.com/doremi88/
Redirect Chain
  • https://doremi88-0gd.site/
  • https://beritaluar.com/doremi88/
317 B
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beritaluar.com/doremi88/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea836bd79c83342-EWR
content-encoding
zstd
content-type
text/html
date
Sat, 30 Nov 2024 04:49:57 GMT
last-modified
Thu, 28 Nov 2024 11:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kd83%2BOQYPTc6XS6lCcfnWozdjcVxtHD8vueS5tHmxLcEBRmIBauhh%2FBtC3KvyuZcDpwX2WCGZHo3HJIjJwKcQz2H7OsfTv2nGK%2B%2BdkyhQtYaxafWH6ZZoRXvQdH9mJN0I12%2BjqPey1rTQlSFiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27904&min_rtt=27678&rtt_var=4589&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4435&delivery_rate=525&cwnd=12000&unsent_bytes=0&cid=17e5c11c61e92d91&ts=188&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

cache-control
max-age=3600
cf-ray
8ea836bcaa5718c0-EWR
content-length
167
content-type
text/html
date
Sat, 30 Nov 2024 04:49:57 GMT
expires
Sat, 30 Nov 2024 05:49:57 GMT
location
https://beritaluar.com/doremi88/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VE0LHI4ynTI0solNhpPXqZSBGQb%2FTR47%2BVWVYKmMvkegsOV6ty6hrLk5%2BVJW4XMRYYcy4sC1wU37jLxBL6b0TFO8hgesXap8G35evUIsPjt%2BxDI%2B%2FJ8vKYJfLjR2QFLeH9gxMc1CjgvTluijywlsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552001; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
Primary Request /
doremi88-ouc.site/ 		525 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/
Requested by
Host: beritaluar.com
URL: https://beritaluar.com/doremi88/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f430198522a74f81e7fbddbf2804530dda0bd698d06adf4e5486cf84a0fe50a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beritaluar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
8ea836bf7f2e19cf-EWR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sat, 30 Nov 2024 04:49:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=as421J2cKTbqFE9ynLGdKhXNNWQ6zkYs6eJbftkh7L8BfW0QrVxRXtcnttTa6SmMMs%2FulVgA4VHAA2zPzpnGKbAIaBNFtvBdhTxoq6Hdzs1mHcEcV5rfLCjSbbCPINGjK0iJMK11K%2B80hHmg9k3%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31562&min_rtt=28238&rtt_var=10743&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4153&recv_bytes=4433&delivery_rate=528&cwnd=12000&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=505&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=15552001; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMQ39J1K4X
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
799205a185a24932f10719eb3c63c80546d6384b00af9f5a6cad044b6a2806c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 30 Nov 2024 04:49:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109713
x-xss-protection
0
server
Google Tag Manager
glyphicons-halflings-regular.woff
doremi88-ouc.site/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/fonts/glyphicons-halflings-regular.woff
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
zstd
cf-cache-status
BYPASS
etag
W/"014dea56039db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i4QFdyZTaEIvUhLnYvo2%2F2Mt1FHAeGoc4AK9DgqoJmihWqvPr9nfY52%2F738pRzbaQgwyW3ZYX5y1wEoDe1uVflnDDF02%2F9QkU%2BucOdz9yNowgLw%2Fv4UjorAMTWg0%2Fmoe8hUS%2F1H7iAfq7OY3AYBtg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30854&min_rtt=27890&rtt_var=1463&sent=113&recv=55&lost=0&retrans=0&sent_bytes=111427&recv_bytes=12903&delivery_rate=591718&cwnd=31200&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1089&x=1", cfHdrFlush;dur=12
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
font/x-woff
last-modified
Mon, 18 Nov 2024 02:22:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa2b19cf-EWR
x-xss-protection
1; mode=block
server
cloudflare
digital_sans_ef_medium.woff2
doremi88-ouc.site/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/fonts/digital_sans_ef_medium.woff2
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
BYPASS
etag
"014dea56039db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2gPgh8T8KRdlQNakIfkRdsHFdHX4gBH90V8vCzPlh7pXcSDnsRC717FZcjJL0LbLb0Ja2gR1vtxeDuSaWL7RycaAgwRb%2FczHNn%2F%2B1XtE7Bddy3gXfJKVuPbmmcT2VeIalKG396hGj6CJk%2BZj2CUDw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30530&min_rtt=27890&rtt_var=1016&sent=163&recv=66&lost=0&retrans=0&sent_bytes=169027&recv_bytes=13388&delivery_rate=1057207&cwnd=57600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1130&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
application/font-woff2
last-modified
Mon, 18 Nov 2024 02:22:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa2d19cf-EWR
accept-ranges
bytes
content-length
18996
x-xss-protection
1; mode=block
server
cloudflare
advanced_dot_digital7.woff2
doremi88-ouc.site/fonts/ 		7 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/fonts/advanced_dot_digital7.woff2
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
BYPASS
etag
"014dea56039db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUvGfIi63X9QVjhlAgm9nZcpWXSd487jECMvVHTacEOLB5WgS8W6gdoy2EvoZOn%2FJKinfdMqvkXhkD5D98EnQUvlqVmFkl29pgJZS%2BCt6ur%2FkIl%2FDbOYFIsbv6XacsJJSup0v%2BTPyERQcrOyuM%2FQbg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30741&min_rtt=27890&rtt_var=3793&sent=57&recv=34&lost=0&retrans=0&sent_bytes=50300&recv_bytes=11987&delivery_rate=150874&cwnd=15600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=918&x=1", cfHdrFlush;dur=17
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
application/font-woff2
last-modified
Mon, 18 Nov 2024 02:22:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa2e19cf-EWR
accept-ranges
bytes
content-length
7348
x-xss-protection
1; mode=block
server
cloudflare
desktop-css
doremi88-ouc.site/Content/ 		235 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d9ae182e6b9d7ae80f1b215a6e3592c8ae78f5aa37ea384cf935e7df6b9f60
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9s9%2FKS6HFVB1YtC10jpnCpjtBRGjcQA403I0hBb5SQD4ktnwPXWwQsPp6Iqs%2FMkEAiFKs74%2ByFVuB%2FiYOAjE7AM53wUoVjINktl5WCg6dmhT4LMu7LTKot6gHSgsyPLmGQTFnt4in8Zm%2F2pRmUaB%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:49:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30741&min_rtt=27890&rtt_var=3793&sent=43&recv=34&lost=0&retrans=0&sent_bytes=34702&recv_bytes=11987&delivery_rate=150874&cwnd=15600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=905&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 30 Nov 2024 04:49:58 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa2f19cf-EWR
content-length
58932
x-xss-protection
1; mode=block
server
cloudflare
desktop-css
doremi88-ouc.site/Content/Home/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e9ed35971a5a6f28747146723405072f7958131afab41b8f77189879eb11a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOahzxYIVk8s6pkjmHtK%2FfmzmnRi9qZ94cVqvmqJtpSPu22JTgn3T%2BjtynNiaMXi8HojFmf3%2B%2FMZnUXm1HYDKQmycSkBF3jSYZoD8KK%2B4Mmz4akyRqykFbyygIb7o0KYbd2Whdq3VOpdAd4imKSr2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:49:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30741&min_rtt=27890&rtt_var=3793&sent=57&recv=34&lost=0&retrans=0&sent_bytes=50300&recv_bytes=11987&delivery_rate=150874&cwnd=15600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=913&x=1", cfHdrFlush;dur=23
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 30 Nov 2024 04:49:58 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa3019cf-EWR
content-length
4742
x-xss-protection
1; mode=block
server
cloudflare
slick.css
doremi88-ouc.site/Content/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/Content/slick.css
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
BYPASS
etag
"1DB3960A4ACE700"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGH9vKBoGS21VqeX0Pd%2BhVciXiOv0dIq5nmQFVr%2BJSQb76mO5UNxBNq4DSev2PrwiSmSm8KEyP3PFIiYyXcVCecq91NnJZIplt2JqahcRvBRIWrPUnR%2Bd5FF7mcJ8cbPWELPeQxlYbvLkCK%2BPFDgTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 04:09:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30741&min_rtt=27890&rtt_var=3793&sent=57&recv=34&lost=0&retrans=0&sent_bytes=50300&recv_bytes=11987&delivery_rate=150874&cwnd=15600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=918&x=1", cfHdrFlush;dur=18
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/css
last-modified
Mon, 18 Nov 2024 02:21:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa3119cf-EWR
accept-ranges
bytes
content-length
773
x-xss-protection
1; mode=block
server
cloudflare
desktop-blue-red-css
doremi88-ouc.site/Content/Theme/ 		45 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/Content/Theme/desktop-blue-red-css?v=LkD7_JHM2mORqxjmo0txETLC2P9fHpF472IRTpn414U1
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09ca1ab4be20d0c2b9b2546d5f93afc71a1440397952c708d229799d0743216
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkDaH%2FskxuJx5exHb18ZeREL0j5IxV2m724e58OhItshbQKTshIQzDYP2bxy3Xxhma6UPMjqK6iAyzrkS2Jzoo%2BUrwrDgwHYzqN4I3OJvv%2BmtIH3hU2poB5e1xlWmmO49IU4Mn0sGY0y0R%2F27gxU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:49:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30741&min_rtt=27890&rtt_var=3793&sent=56&recv=34&lost=0&retrans=0&sent_bytes=49100&recv_bytes=11987&delivery_rate=150874&cwnd=15600&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=908&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 30 Nov 2024 04:49:58 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c2aa3319cf-EWR
content-length
11763
x-xss-protection
1; mode=block
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:900&display=swap
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4abf3c38c0e85233cc2c8f59ee8ffe5a52679b4a32b4357cfd2e108c76a03f74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 04:49:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 30 Nov 2024 04:26:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Livechat.gif
godisfavor.com/2024/icon/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godisfavor.com/2024/icon/Livechat.gif
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651dd5586bcb45ce47b971d805047dcab5f3148c182aff0962ea2bfd6b3a19f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
HIT
age
511528
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGo4MaVIHX9CEH21XC8px3DA%2FBHCF3WjTT0n0xSqi0nv37T1jr8UQqX1n54mfczBKrz%2BNQU%2F7Ow8RD0JKys%2BLyZ3GefdLNYC8jQlUEuyUf1MJKD7aF8K43k5n2ykdg9LyMgh5SlHfXBb%2FFYe5w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 06:44:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27882&min_rtt=27854&rtt_var=10465&sent=21&recv=10&lost=0&retrans=0&sent_bytes=15552&recv_bytes=5309&delivery_rate=106678&cwnd=12000&unsent_bytes=0&cid=e1dde4b6ee22206a&ts=49&x=1", cfExtPri, cfHdrFlush;dur=30
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
image/gif
last-modified
Thu, 09 Nov 2023 04:34:52 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c33d684376-EWR
accept-ranges
bytes
content-length
47381
x-turbo-charged-by
LiteSpeed
server
cloudflare
WhatsApp.gif
godisfavor.com/2024/icon/ 		288 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godisfavor.com/2024/icon/WhatsApp.gif
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269eff77c91e9697140c0249a73b1845f1980888480dcd91852759c07cc279c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
HIT
age
511531
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRRws16IqQ1wdExTDSB5tYdgQay%2B45uChAGCptSvUZvUgpYrnisJnK6Svt8lgg3CfGEMdAJwjPIi7zNQbDWRcznmYcdMPuxT2jZ%2Fgr9w1Lc0Le3yMlna9rA2IR5jKv5NIvfj7u2dC92MTE1loA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 06:44:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27882&min_rtt=27854&rtt_var=10465&sent=21&recv=10&lost=0&retrans=0&sent_bytes=15552&recv_bytes=5309&delivery_rate=106678&cwnd=12000&unsent_bytes=0&cid=e1dde4b6ee22206a&ts=50&x=1", cfExtPri, cfHdrFlush;dur=29
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
image/gif
last-modified
Thu, 09 Nov 2023 04:29:13 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c33d644376-EWR
accept-ranges
bytes
content-length
294878
x-turbo-charged-by
LiteSpeed
server
cloudflare
rtpslot.gif
godisfavor.com/logo/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godisfavor.com/logo/rtpslot.gif
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2040fb5f97d0b43732d67120bcb429cf54c37612e211bfebed5efe17c243792d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
HIT
age
135879
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSV4TSqxZZBlXOQ%2F6A4pW3bWD3Z%2F3J433YcTGQLCtH6pO%2BnrFjH59Rpy4MVNqxJLqx0iU113jzREWJS1yeY26jVrvki65YhVtDCHJK620VdsESUQFUWjcIAH5F9BSb4gIB9Az%2Bjlmr8%2FMi1WYg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 05 Dec 2024 15:05:19 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27882&min_rtt=27854&rtt_var=10465&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4134&recv_bytes=5309&delivery_rate=106678&cwnd=12000&unsent_bytes=0&cid=e1dde4b6ee22206a&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
image/gif
last-modified
Tue, 05 Sep 2023 23:08:43 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c33d674376-EWR
accept-ranges
bytes
content-length
166205
x-turbo-charged-by
LiteSpeed
server
cloudflare
telegram.gif
godisfavor.com/2024/icon/ 		239 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godisfavor.com/2024/icon/telegram.gif
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c15c86b3ef1c28484bda7b2d55568f7e4c7e5eab2f0f09d4dc5aa00b26e2a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
HIT
age
511531
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9IVzPlX9r5NxnrZ9cr69XidgtJzpzflZdQm95rYhMABu4nKQcmz2Ln0prYocObuGm4O3UG47fNjrw%2FZqBLmr1tDvscNvUbh3Yx%2BGKKi5o%2B%2Bm4yGmlekplFr67GILMYiQ22hjL7tvAeuoTkA1w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 06:44:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27882&min_rtt=27854&rtt_var=10465&sent=21&recv=10&lost=0&retrans=0&sent_bytes=15552&recv_bytes=5309&delivery_rate=106678&cwnd=12000&unsent_bytes=0&cid=e1dde4b6ee22206a&ts=51&x=1", cfExtPri, cfHdrFlush;dur=28
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
image/gif
last-modified
Thu, 09 Nov 2023 04:26:24 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c33d664376-EWR
accept-ranges
bytes
content-length
244835
x-turbo-charged-by
LiteSpeed
server
cloudflare
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QMQ39J1K4X&gtm=45je4bk0v9195920728za200&_p=1732942198190&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1976986251.1732942198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732942198&sct=1&seg=0&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&dr=https%3A%2F%2Fberitaluar.com%2F&dt=Link%20Alternatif%20-%20Login%20-%20Rtp%20-%20Daftar%20-%20slot%20-%20Doremi88&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=851
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMQ39J1K4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://doremi88-ouc.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
text/plain
server
Golfe2
telegram.gif
godisfavor.com/logo/ 		742 KB
743 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godisfavor.com/logo/telegram.gif
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdc0636d465b105711865dc4eff1adfd041b73736a5d6aa43a6582a2cf0cb2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-cache-status
HIT
age
97078
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZl59T3tCw8a1d%2BWxH6KB2aV2PyhBpWmTRfZ3D9STG7wLhjqmht8uMw8wYk1YaJn3KzUmL%2B8YC5FUpZwg59Ktv3MkiZpykUwSNhAXXy9%2FbEC%2FQpBOoU%2FpJ5UExmzmjw7VtIYEyVTEsS2RidR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 06 Dec 2024 01:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43947&min_rtt=27208&rtt_var=1181&sent=673&recv=118&lost=0&retrans=0&sent_bytes=777947&recv_bytes=10418&delivery_rate=8846896&cwnd=391800&unsent_bytes=0&cid=e1dde4b6ee22206a&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
image/gif
last-modified
Tue, 05 Sep 2023 23:02:28 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c4cef14376-EWR
accept-ranges
bytes
content-length
759755
x-turbo-charged-by
LiteSpeed
server
cloudflare
desktop-js
doremi88-ouc.site/bundles/ 		542 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/bundles/desktop-js?v=cutZqRUl5nVP6bqFHEzmWucvTXKSe1BUtGgAVYDz6AQ1
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db853f8df3ba4c39616b2461d9d3cecc6d410e2d63fb77231d39cc2c2423937b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ew8KVc1N6jWc6SsTEz5YbAmnnaebqA2rLlykTtKCzi4arODsQJ%2F8%2BX1DVOytdun6sFbEMX7jcO1k9Tmk%2BVIyTEgSuSEQqMcINkfryYsaAxCHTbO3gxyJdDE6Y%2FetrQj6oRHp%2BIm6%2Bi9JQMokWaRAIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:49:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30854&min_rtt=27890&rtt_var=1463&sent=106&recv=55&lost=0&retrans=0&sent_bytes=103916&recv_bytes=12903&delivery_rate=591718&cwnd=31200&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1076&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 30 Nov 2024 04:49:58 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c4cbe219cf-EWR
x-xss-protection
1; mode=block
server
cloudflare
desktop-js
doremi88-ouc.site/bundles/Home/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/bundles/Home/desktop-js?v=CpSDOaZRysKcl1Ob8d_Ejh3EtkaE3uL4VTWMmHJzcLg1
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b66b8e5635713b7b2c9819b194f28e4b61e8c6cf84d77fa67a6b8a119e7a9d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiOCcnjF69irb5o29j55SNsKpQnk9lb99%2B21JRyQcROMHenoOpfXxpMTlaFRebHnykSeorGNdQ5GYyjncA9wAfe43RDZJS4Z6xXndyo1ivtVh4%2BaTF84kiVgxYyUCsqU2WVh%2B42QXpkxguBxUM%2BMqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:49:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30214&min_rtt=27890&rtt_var=638&sent=266&recv=75&lost=0&retrans=0&sent_bytes=288699&recv_bytes=13797&delivery_rate=1607327&cwnd=92400&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1252&x=1", cfHdrFlush;dur=20
date
Sat, 30 Nov 2024 04:49:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 30 Nov 2024 04:49:58 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c4cbe419cf-EWR
content-length
26235
x-xss-protection
1; mode=block
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7LqB5dtW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-7LqB5dtW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=5685, tp=10, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
SvGQvFeiIa9B/S2M4gmtSt5E8BL7K1y+3ywtf8QB2LsuYCLVs9F1SH1gZJ2L2FssV9rTw8Tbf5YwPFGQKgKE9A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
live-chat.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		900 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/live-chat.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
ea04a5398029b829693391006da9685a050a4e47c02f84095c1ff598acdb13ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
OVMKTSrQw3gOAXSe_PzSrbxqZ2xDdNob929ISl9Jb26HctWQ9LW28w==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
900
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
android-logo.svg
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/icons/android-logo.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
1a989fb8a82fab03747f7c4bfe3aa8e624379d7aa06d587cba61209e0b184b5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"08b56a93c50d71:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
csamtfS4YI2U4c0uCtn_4WbRNP7yYonC9C65bMCwvUGY48nBjpQEew==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 24 May 2021 01:32:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
mobile.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		733 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/mobile.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Wg-vIj1WAnZHtU-rrrywdeHwm49Twop1g1otmn886N1vMSKOelHKCw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
733
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
flags.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/flags.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0d7166f4393d91:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CARdbuUgqDz3J6mVyq3Q2WZaeoBj4FN9ADjJEF4w1Oxq9A477271Xw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Tue, 30 May 2023 22:09:42 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6478
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
user.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		628 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/user.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
ae3c1ce987a6eaf1bf60e769cf22291458e6aec9f7919c19f615041e31b9d31a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
e-vwubbg3upP4d_nCt1EnJASK8v2_T4bHj-EooB2jooLrAxLg5w1ew==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
628
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
lock.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		632 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/lock.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6ac69af7b68a165bec16b442ebb5f41f94f4b9f398faaebc3a2e9d998956cb19
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
_f53S6HDTW8FoV-4ZIoi7rPJUOriGvUpbHw7A1VBMYTxELURHUTcgQ==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
632
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
logo-background.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/logo-background.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0b42196e536a2985d015bfa23dfc8025ac1ded242707102cc4342e510cde0f9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
I6z6RdFMQTrs_giKp6vuDVQJTBuac7NdAak5zdAL8SBne8FtQo6W2w==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12918
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
icon-sprite.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/icon-sprite.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ILIYZ61exSq1I1NKsE9NjHqriRa5_QP9an3P_RFnHRaVVI1eeKzFjA==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4235
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
numbers.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/numbers.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
78c5d3f0c294936ebeb6bd9a5568a2ebd72736f7f51ae22eada200ca0c90b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335250
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
dkoKx3Sbz88RkhW7RbklhjTNjJa7YnL733GqSNC0vcKLayjRXy2qQQ==
date
Tue, 26 Nov 2024 07:42:29 GMT
content-type
image/png
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14406
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
play.png
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/icons/play.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0c3abd379a2d61:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
shGGWG1RvzxXbicIkR1fvE9-RvA7dnBqceJkL71zrDQPEK9D2Y5vUA==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Wed, 14 Oct 2020 22:31:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1845
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
popular-games-background.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/popular-games-background.jpg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
c5297c2b1f1cf546c75b64081e01eca499f84a16b6b5173d1603111fb216be6f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
aAyaGFUCFX8NJr8hiBxawtJmn9x_qcEbukeRiEyk_9hHhMcOIYwP2A==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/jpeg
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11194
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
trophy.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/jackpot/ 		634 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/jackpot/trophy.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
ab8e1d6e7ba99228ceb4cf27e2111bc7cf5d844e3a0cea2c5caa318a9e8a64e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
0sgFFwrSmBLGodZoBkA8wzZFhnn71ILwXL_QaQuzv0EpwtUK-NwThw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
634
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
Gilroy-ExtraBold.ttf
doremi88-ouc.site/fonts/ 		130 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/fonts/Gilroy-ExtraBold.ttf
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fc7ed265000892c743cb4fc7b1e154ece3698476145f93e6c2be125ba692a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1

Response headers

cf-cache-status
BYPASS
etag
"014dea56039db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWTHSq1lw26zUXT7q%2BvQudD6fgnchedYjalyxMIEKEYMiRGKz8UV9gFY4kOsvok27p%2B2bV8ib84eI0YXH3xXAodHb8fwDf9M%2BSzNu6C6l4QjJELbCzSw1GLLHgO19%2FJcknZ7CsKd%2FaCGqURYflwSEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32615&min_rtt=27890&rtt_var=3781&sent=380&recv=100&lost=0&retrans=0&sent_bytes=418243&recv_bytes=16546&delivery_rate=215488&cwnd=128400&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1936&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/octet-stream
last-modified
Mon, 18 Nov 2024 02:22:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c7be6919cf-EWR
accept-ranges
bytes
content-length
133044
x-xss-protection
1; mode=block
server
cloudflare
Open24DisplaySt.woff2
doremi88-ouc.site/fonts/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/fonts/Open24DisplaySt.woff2
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1

Response headers

cf-cache-status
BYPASS
etag
"014dea56039db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pdmgq2FPjw0uWzTwFZFM1tzUelx2b4jQRQ7Zlg0bySCTIKhM9XM99tSwE4c2ccKyDSolTQGqIUlLgRxmRcvffoMKJLH9MztiB2ylK09fvVrTN2bLu9ScYQ88TFKMaNR84S806%2FtEbPQW%2BmOrrYJVpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33176&min_rtt=27890&rtt_var=3544&sent=373&recv=99&lost=0&retrans=0&sent_bytes=410548&recv_bytes=16500&delivery_rate=788313&cwnd=128400&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=1723&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/font-woff2
last-modified
Mon, 18 Nov 2024 02:22:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552001; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c7be6a19cf-EWR
accept-ranges
bytes
content-length
6100
x-xss-protection
1; mode=block
server
cloudflare
logo_83c9fa77-602c-4e6e-bb7f-1a116270a9a1_1732793309877.png
api2-d8r.imgnxa.com/images/d8r/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api2-d8r.imgnxa.com/images/d8r/logo_83c9fa77-602c-4e6e-bb7f-1a116270a9a1_1732793309877.png
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
828928a6299bf4754aa8d8a8c987add2296f2291cb09031181722a0bc988486d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"65d0f6e18841db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXuHNnQF74h3LYAD9qAs1s8ZvJJvqsJ2exGSIwSTCalEy3aQBMQQmCW0OopDSjOBeRSejF2mCPXrVXhmIDBgz8yvzY%2BqILYu6rhCxdOCcSxDi21biHVTQ0S375fNc12OxurE73gPrcdJQt1Z82r4ji0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836c888487cb2-EWR
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=10690&min_rtt=9506&rtt_var=4349&sent=209&recv=9&lost=0&retrans=0&sent_bytes=265922&recv_bytes=2789&delivery_rate=424160&cwnd=255&unsent_bytes=63920&cid=861ce7d7bbe1505c&ts=467&x=0"
content-length
24074
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/png
last-modified
Thu, 28 Nov 2024 11:30:09 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
hot-games.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/hot-games.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0ba039e8908fab4f413026522c323a9871698c3aefae2622fa7bc6b3ebc381e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
mtQlOkskVfQdWoSav5wJ3K5NwxNZ93MJ5QqZcMDznOls6_fIGvLv_w==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
slots.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/slots.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
72c626776408c923e8399bd4ff9ddb0a8ffd26731d0203ac30e49e9f4726a8e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UPWM87Wy3HsQa143j6arqhWEe3U1hmYAiptDfCY_J5o5USZNWllZLw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
casino.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/casino.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
465c5ff115fc15647c7ca37bdb1e405c389dbb5ddd5e60e33d6915ea8427b1dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
9F5-908IzjViEfwMcKKkuOYiKUxXeO3phwUjhSCbk0ClNuXHr0C4Dw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
others.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/others.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
8bae61b07b6ebf3539b93076b7ef69f71885c540c67905272bc9c3b16d5d8907
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335684
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
0mzIYpYTmvUumntr9EogpGA_LCrGiNoAiXqr077-PMrNrcsi9grDyA==
date
Tue, 26 Nov 2024 07:35:15 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
sports.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/sports.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
fce76ed9832ebe63dff55566f09f39e06282278a946fe156c061661c6f2c5fdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
FHEdWPDeLMZGUH38KQ6mRqAIGHdvMShjeyWM3aP5Q_lx0jiHHIm5HQ==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
crash-game.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/crash-game.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0a589d28f3913c1b4f251f1c0bd1e12cc19a3cfda16cda96221b2ede05230356
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"0a62144c119db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
PIGtX-12r9-QqO2JkNK92pz2mWik0humkCoLu4N3aa78yMTbieKFkA==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Oct 2024 20:33:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
arcade.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/arcade.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
239f2bcdb438e5df978cc693a0ae3f82609ed597c5dd33ca9199996571f318f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
4oXCNbAVmhLpx0XPWEKGjpTQ4fFP9zbVJvz7oIvffMNHuqlnLwB74A==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
e-sports.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/e-sports.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2e73ade7e69d68edcf4f85163c70094323e905675cae33b8b09ceae8373105cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"05ae648c119db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Ra7ps1o879-cdsbtyfa1fU2OEP-1fmrj6BykKBTs8JvwTjXH0Lr9zw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Oct 2024 20:33:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
cockfight.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/cockfight.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2fca1a1caa240e49df0a3047f7e7835aa8eda37c815c6be7f223799a8aeefeb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"04effa05318db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
u5SHfvVq_YAgjYctbE24NqgDl2_8YaH4vqQyryjvieBF_VKRAiDXGA==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Mon, 07 Oct 2024 00:55:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
promotion.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/menu/promotion.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
a337e233cb2b47d66532673865878fb1a45b57aeccf86979aa72449757edbba7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"09b4bf1f220db1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
K8nNZKdGKlK24Rk05usI9tyRVagKEwriEsTO3I2DyGtQh3_60a_3Tw==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/svg+xml
last-modified
Fri, 18 Oct 2024 00:16:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
id_cbd_4a5b0dad-3847-4f0d-a2a9-432711c61a46_1732799491500.jpg
api2-d8r.imgnxa.com/images/d8r/ 		759 KB
760 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api2-d8r.imgnxa.com/images/d8r/id_cbd_4a5b0dad-3847-4f0d-a2a9-432711c61a46_1732799491500.jpg
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7724795d249fd9e6e68781a64f1b41deadd453c68b58bf45dbe9f3790c8a5cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-bgj
h2pri
etag
"a67983e9841db1:0"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIU8He8kiNx1rOuuMxAz2ezmn0I4VKFHrw%2BRaj1N0ql%2FxAJ3A1h1hmbN7OjwpKwIBnfL1CIbpREcFp4UAxKpyOcq18QIu%2BDWTzxtW5fuxlN3Gwn4iFLkNS9S%2B2bS5i3MWuWN8IKIA32U936koXCGWAM%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=10690&min_rtt=9506&rtt_var=4349&sent=209&recv=9&lost=0&retrans=0&sent_bytes=265922&recv_bytes=2789&delivery_rate=424160&cwnd=255&unsent_bytes=63920&cid=861ce7d7bbe1505c&ts=468&x=0"
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/jpeg
last-modified
Thu, 28 Nov 2024 13:20:07 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c8884b7cb2-EWR
accept-ranges
bytes
content-length
777368
x-powered-by
ASP.NET
server
cloudflare
id_cbd_24cfbdb1-b752-4095-9f2c-87e48dcc92b0_1732798820640.jpg
api2-d8r.imgnxa.com/images/d8r/ 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api2-d8r.imgnxa.com/images/d8r/id_cbd_24cfbdb1-b752-4095-9f2c-87e48dcc92b0_1732798820640.jpg
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa04933226b753236b014c280aaec838d2c24b533477ea097b1966a56c67414a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-bgj
h2pri
etag
"8bddc3d99641db1:0"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVGnPZqCbTI66m0A%2F8wK63m5GH36jT7ySzp32P9wEUQAY8XCSLjc7cce%2BVHl0iB2GkBzjxqbLY4%2FcshZJ0mVb26zd5yj9JRSXkA5rJWDrygC08je90BFYZyu7vTNgchucb3XkAU6oha9%2Fs5Nx4SJAVE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=10690&min_rtt=9506&rtt_var=4349&sent=209&recv=9&lost=0&retrans=0&sent_bytes=265922&recv_bytes=2789&delivery_rate=424160&cwnd=255&unsent_bytes=63920&cid=861ce7d7bbe1505c&ts=473&x=0"
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/jpeg
last-modified
Thu, 28 Nov 2024 13:10:09 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c8884e7cb2-EWR
accept-ranges
bytes
content-length
698503
x-powered-by
ASP.NET
server
cloudflare
id_cbd_ef2c2529-531d-45b0-bb8b-372f143902d4_1732798051837.jpg
api2-d8r.imgnxa.com/images/d8r/ 		980 KB
982 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api2-d8r.imgnxa.com/images/d8r/id_cbd_ef2c2529-531d-45b0-bb8b-372f143902d4_1732798051837.jpg
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
99b9eea312a8c3947e60cb25e0dfe4a5af89f3832dba4fd285b197a62f403d7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cf-bgj
h2pri
etag
"c4b9f7d9441db1:0"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTrtikzUOcaNG8%2FUzm075LGztESpo9dRHWA00ok2y8Kubj4dgH1cv9Fs8p6v9C%2FhG6u%2FXqg%2F0MtVCBPm%2F596gioSq%2FF7Whn6cUV76ehJyyPELbX4OmG8xp3CQj2b5b%2F%2FSrUP361tr%2F7jYVxlNPoAenM%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=10690&min_rtt=9506&rtt_var=4349&sent=8&recv=9&lost=0&retrans=0&sent_bytes=4034&recv_bytes=2789&delivery_rate=424160&cwnd=255&unsent_bytes=0&cid=861ce7d7bbe1505c&ts=466&x=0"
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/jpeg
last-modified
Thu, 28 Nov 2024 12:50:08 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ea836c8884f7cb2-EWR
accept-ranges
bytes
content-length
1003784
x-powered-by
ASP.NET
server
cloudflare
id_cbd_1967ff3a-923f-41b3-934a-4c14cf3c358b_1732797919850.png
api2-d8r.imgnxa.com/images/d8r/ 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api2-d8r.imgnxa.com/images/d8r/id_cbd_1967ff3a-923f-41b3-934a-4c14cf3c358b_1732797919850.png
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
583006cfa79a8b1f6458728d20c223a57247f57799b92ffe0cbe635a6319d9e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"46f248f9441db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTkxs%2BtQ%2Fspxci3B5aWNB%2BRJHOywq1r%2ByXW%2FERr%2FibuNF5K3UFU%2Ff0%2BxoiIsnR0MGHbUDFC0FEtKKhtnCW21HLcCItq%2BxaMBCrxfqIML89Kcyab%2BtKkyPpbJORFXtnNe%2FNirBSg79ksLEncX2qPyMmo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836c888507cb2-EWR
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=10690&min_rtt=9506&rtt_var=4349&sent=209&recv=9&lost=0&retrans=0&sent_bytes=265922&recv_bytes=2789&delivery_rate=424160&cwnd=255&unsent_bytes=63920&cid=861ce7d7bbe1505c&ts=472&x=0"
content-length
432081
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/png
last-modified
Thu, 28 Nov 2024 12:50:10 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
jackpot-play-logo-v2.webp
d2rzzcn1jnr24x.cloudfront.net/Images/jackpot/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/jackpot/jackpot-play-logo-v2.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0678726414db1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
mD3V9ENIh0UzyWHAcLsLQJXK5UkgRBdWDkEqTmiqDAJFxrshYvaSpA==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Wed, 02 Oct 2024 00:45:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1690
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
singapore-pools.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/singapore-pools.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0fd96c7821ea9c55608a79e28f05880f36b0019f6bae97d361464d2aaa38ca80
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335249
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
wrPCUJvbLM8IqUFL4TBfkkVv1JYJ_tLUYqkcE7WK2lbPM2wbeDtleQ==
date
Tue, 26 Nov 2024 07:42:30 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1620
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20olympxmas.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20olympxmas.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
be13203c28bd1f7829f291ef246decd34c7142ac831e072206358b7922548bca
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"06e4ae84a3cdb1:0"
age
162221
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
i5HBiIIuSvruMeSx5Hs8ZvfOnD8jrgRcyv6QGTK21cKvZCt8nDxi_A==
date
Thu, 28 Nov 2024 07:46:18 GMT
content-type
image/webp
last-modified
Thu, 21 Nov 2024 19:23:56 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11412
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
mahjong-ways.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/mahjong-ways.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
a6cb36e0f9dd285032e9e19b2eebbcd66369743313562a4c72233ba70227780b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0435fa416f1d71:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
5JAHY9H0q-0aUjgQ0-6foB9AfLfwe9HumQ2DEC5xomEniFkOqKS7Yg==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 14 Dec 2021 18:15:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
28688
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vswaysmherc.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vswaysmherc.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6ac569dc88565cef8f6e793728f5fa7398e2a4621ecda3f5f59982e30eced321
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"02a6a5ef3adb1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
iOMgHWTdfYfttv_eTYcVBLbCvF2BGj-bkhNnwmJWpp7FLhleqXkKIw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Wed, 20 Nov 2024 01:53:40 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12684
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vswaysmahwblck.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vswaysmahwblck.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
8cb5020541a925d56097ec88e9f8221509aba0382ef7536d0b3f02df2ee3593a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"01dc2f9d2ddb1:0"
age
335831
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Nr2KBAT8Qp1znsijzaiG4FKpzawow0MDULIU81U2Mh7oh498hdTJHA==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/webp
last-modified
Sun, 03 Nov 2024 03:05:06 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14244
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
HACKSAW_1562.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1562.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
28db4437904a6273bd764ea4848c12af17e3c82c6faafa6c34d81dceeeb3364b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"06cf2bf13db1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
PChEBh8oIo-Yy3ZYxnNCduSri9D6uQEZoRxpEi-7RoCTaZyn0ORCfQ==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Wed, 11 Sep 2024 02:19:36 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14670
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20pquestx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20pquestx.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
665767f3b477c3c012e79c7c21c5b3e1fb5997a83aeb7e2bcd7981fe35f83054
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0ef4d45d02fdb1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
_G4JlJIbzVTr3xhFQYedPGmvYQPSA9fDo7-0CztHqTAvzkjMTRk-pw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 05 Nov 2024 22:15:50 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12374
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
HACKSAW_1534.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1534.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
37727a7e1ef801691ac8cdf2f751401b722701346336af4154cd6b5976bf500f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0a4a46fe5d0da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
DiXzzqjWzO9UUlxHb3t9v95cDSl2DnbuDyB_e9jSzgaRolO4rKa3Nw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Mon, 08 Jul 2024 03:18:00 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14490
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20olympgate.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20olympgate.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
302f07a0c666aa1a497cdf887b675b36c8482cc42fda64b6e73af3511cc2220a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03dc25c7dad91:0"
age
335802
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
-oZTsNmBH_bMr1E9BTr-DH4giD0T9_BNFAs3M9VTld6LlzgRUvErTQ==
date
Tue, 26 Nov 2024 07:33:17 GMT
content-type
image/webp
last-modified
Mon, 28 Aug 2023 23:28:34 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8902
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20slot88sb.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20slot88sb.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
3dbc59ed2c52c1d34cf5645585aa4d6cdfcfc62e7ad691cd1dc06fd0fa6ec565
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"02a6a5ef3adb1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
vipRePRL1Vr1La6I7OV582mXxtlRuZjfGIk0Vj37-0dvkRoUfblvLg==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Wed, 20 Nov 2024 01:53:40 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14168
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
mahjong-ways2.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/mahjong-ways2.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
7f217ebd4c820f770092e873269e813b93d3c5e195e7018f01d02dd7bec119dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0435fa416f1d71:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
XGKApF1VYaAsRncIacDGif_GmZC0YMXIjQC69IXwkWYP1hWg8cT8gg==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 14 Dec 2021 18:15:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21606
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20starlightx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20starlightx.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
52b7c7f870ecccf90b3fb498bca2e4d3974470bbc5246e301b97c113421e9868
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0f4273d4422da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
IlGGYLSi-GAguVQsGWL-fBPebm2H9o2MmKv4Js8TEoygTdPfOwCpBQ==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 28 Nov 2023 21:45:44 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
17062
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PGSOFT_135.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/PGSOFT_135.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
1db58d5601dd8d3b42dec6c2a01eb97cc812efb938b5b6045453a2fb84d383af
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0ed2f869b0d81:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
C8_d7MCQfwlVpWZRdplJD9_KpG0Plo6eoakKxzseGGaOcAOCMUrt1w==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Mon, 15 Aug 2022 05:43:40 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10658
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SMG_luckyTwinsNexus.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/SMG_luckyTwinsNexus.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
de815985cca45ef8e93e564749333bbf84be1a054961f86a06b038ef56464fed
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"050b0af8bfdb1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
IaT5tPACGZEFPnrh1ZsKICTwCElACaepyDXHMmhQCoPFFF4wO0Yslw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Wed, 25 Sep 2024 20:44:16 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
13100
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SGNexusKoiGate.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/SGNexusKoiGate.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
9191f17b9068c43921c043900892c07e21d5d1bead4e551b4434f9b2a14b66e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"07c6847e152da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
2PmrlMzMXqga2MvaO63xusg1DLh-CDxWajwvidKtd8QkZik4O6Q6Ow==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Mon, 29 Jan 2024 18:30:48 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
16520
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
thecrypt00000000.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/thecrypt00000000.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
e8eafdcdf94f13cf25a08e907e2a49f4823b208e2c1d4b01149539b728a53ea2
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0bb9cac5394da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
pj1X66jrDwLBwSLNG9WQASqCml8IqlGgZvmJn2J5WR8gIR0hKxRPdg==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Mon, 22 Apr 2024 01:23:26 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8820
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SMG_CarnavalFiesta.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/SMG_CarnavalFiesta.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
7ba7a0b036892872de4e1081b23778b1de31b9e3e4c40fb57cb72c4b015dc363
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0faed89803fdb1:0"
age
162221
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
KrmrLa_9TEBKYPB8oiZpMnbx4My5okWB6lnfVd-7e2K2rLTonfTgLg==
date
Thu, 28 Nov 2024 07:46:18 GMT
content-type
image/webp
last-modified
Mon, 25 Nov 2024 21:25:24 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15722
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
mental0000000000.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/mental0000000000.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6972eb83b09a5ae932ddf2a1a692bc2382922c3e44fb5067580a9e2ed32b40d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0bb9cac5394da1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
DZGoBTrTVre7xKVSBwYBsg6HjDM2U_g_3Ybp_mxFuAMEn2Fxu_NouQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Mon, 22 Apr 2024 01:23:26 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7674
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
JILI_223.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/JILI_223.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
15e1591b565a8c88315f120027aff93fafedd239ec551d91dc9aae8d13d0849e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03f981b0afd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
9VK0B2kZsadPl82ZnZ92ULg0hZWMIrZDUH2_wVUJuagDs8IkYbGtJw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Thu, 06 Jul 2023 02:17:26 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
13600
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SGHotHotNexus.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/SGHotHotNexus.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6001fc7fd22aa804e3a5dbc7852cea5bd1da9e42e5e8615f52b0ddd9b82e0c3c
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"073d93f2d65da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UhvrOMIacOAS1eGlD9TYpSTwr19QB2HviJT2pBhs82unniBhJq10cQ==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Thu, 22 Feb 2024 01:19:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8888
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
JILI_109.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/JILI_109.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2fbedfe19a271f381fba8591adc77765ae24add830c31a23dd306e9d988fadee
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"04317d87db6d81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ByUsWNDhwRxL2Ti7rLvD9sXeFFs0LhRd5UGQbUchuHq4wD66r7rTlQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Mon, 22 Aug 2022 23:21:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12690
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20olympx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20olympx.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"08946c5ae53da1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
GL9ZSNHnHCgAGUbPgCKVma-h2yac997hGCTUuGF0ekto0Rx36B4HMw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 30 Jan 2024 19:01:46 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12196
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20fruitswx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20fruitswx.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
049251f633609950a24d3a533cf4941408eb167b4008c0d794583394d9611d7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"05deb8724acda1:0"
age
335671
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
eBjZAVpogTCW3cKODazlvWF3hHq6Y3kxiOJ4goNWw_uePc_m983G6A==
date
Tue, 26 Nov 2024 07:35:28 GMT
content-type
image/webp
last-modified
Wed, 22 May 2024 08:46:26 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12528
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20gateslots88.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20gateslots88.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
760602e639af3e29a3a970194a37bb64f6fbeee1b54cf5b41e69fcfb56dac58c
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0d1baebf69bda1:0"
age
335754
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
wHMjU4F-F0mWhmTTVu_dFEDqR9pqgymVGCIN52qVgF-v_HCHPHxmVw==
date
Tue, 26 Nov 2024 07:34:05 GMT
content-type
image/webp
last-modified
Wed, 01 May 2024 18:39:38 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
13226
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20gatotx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20gatotx.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
836aa8ae22eab52480fbdc25c22d11c98c6cb94ba2e56b2a2d40871888fd36ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"07758e9f69bda1:0"
age
335802
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
0pmxcpLNgM1Qzlb53W7Ocnz_w6tWndCsRm_-d2FgEpM2yJbK0nzrfQ==
date
Tue, 26 Nov 2024 07:33:17 GMT
content-type
image/webp
last-modified
Wed, 01 May 2024 18:39:34 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11084
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20gatotgates.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20gatotgates.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6db312a99782ace951cc241a424d2c891a993a3c51d233b787aa08cac9c92a69
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0708eaca10d91:0"
age
335797
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
HtygKqDLxeOyE06Mi1wqFDb9deA3QAJNyPO_atC-JB8Vx60kYO5-Zg==
date
Tue, 26 Nov 2024 07:33:22 GMT
content-type
image/webp
last-modified
Thu, 15 Dec 2022 21:19:28 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11800
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
arcade-link.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/arcade-link.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0e50bc47c56ad5566f451b7f3f31a43b17b7702796283207452328cde81c6a31
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
QV0MGPtoK4Pf1tSWaeB02gF0f_6X5Tf1YU8y97IT9T6A4SQEfMGq0A==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8930
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PP.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/PP.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
b9214af64afc3d402580903b50eddc38073d192a8d830fe624986052bf848046
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0f99786ebcbd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
mY12NLkvYgSin17ZkMGqRR7UV99X9ZOSuIHV7nJXXDjLXlMlU_gzqA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Fri, 11 Aug 2023 00:34:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1694
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PGSOFT.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/PGSOFT.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
b31885928f3ec559312aef827929dddc7e66f5dcb00e3aae95a4c3b51d4cd1cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
j0SQnWyRB63IduLK-QoMaftR_S1mLIZvq2rz9iuwK87_Lk0nbARfjw==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1680
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
NOLIMITCITY.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		660 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/NOLIMITCITY.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
35823b2a8268b9788d0f58393471396298cc1d3b068f0c414ef8a374fba57f8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0514ed580ded91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
NfwwcPagxJtsZdgdeLw-DFQ9kYEGAlRTGCQS1LXLzx9T78emucpHfA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 03 Sep 2023 16:08:10 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
660
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
MICROGAMING.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/MICROGAMING.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
596139c627eb45c8e6c2bd6b2dd109edc666913578225853e655614e701cfa74
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
_qmkS5n_6_OrQCdCuV7dBBVrb4uyeUWgaRCbmw_9ufwz_O0zIbg90w==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2498
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
HABANERO.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/HABANERO.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
b9d65eb417b0a7e589dfb87fe0cbab2dbc005eee3ba1ac8c93a50e6cff711a07
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
xN9YBUSir3SXjmgD6fwC5zg0D1NNUz9vM7vPGnBJ2GlbdzaFLMdnZA==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1414
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
HACKSAW.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/HACKSAW.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
fdbfdbab77e4d9176749cb70f0d9aee8a376c401a82b89ad38f4b26996c76469
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"06554a4570da1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
JQpWIalynjUmKUtYkwt8JiyDj82RlqaOpMXIqCYRr-ZQqK1KTajBGw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Mon, 16 Oct 2023 17:38:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1124
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
JILI.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/JILI.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
8ab86aec2d06c54afd5c40f732ac8564df62588e0afafe662553ceb8849bde14
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"099772137b7d81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
28-RmXDRotNBd6IhAFQuDOrjVKXOlqO5NuQfiOufhBV59C56aFTKEg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 23 Aug 2022 21:27:22 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6050
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SPADEGAMING.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SPADEGAMING.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
50407da9776ea5aae6510138735993cfaaba78ba43d7aeafcb72ff9310638706
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
YwLixVFitPolsm_H1HynYXGwH-kt-wcszvaIRKn7WQ8hQCLBiknOgw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1468
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
JOKER.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/JOKER.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
939e2d8310308c502d893fd6eb789b735cee4c77ca137824dcc8ff48efdcea7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ljA6jIgyv-c0Kjz9hmhz6R3lwFLCNDuJMdJs6NA_H0ikeaVW0i2geg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3898
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
ADVANTPLAY.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ADVANTPLAY.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
45b1fe0c0379a3c71b9371e31bf453cb7bd9183cadc87a451725c7df6f51e284
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"05dad3a8868d71:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
pGYRQ44m6l5IL1Gci-EY3AdU8BStLNYC2vgw_fyTm4tRIsYGOvT8Kw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 23 Jun 2021 23:33:54 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2684
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SBOFUNKYGAME.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SBOFUNKYGAME.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
e21ac0c0364efa961c96147f5397b10f27ca3aab2edfd4a6bf450672274ab0dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"023f4f5fcbbd81:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
lsCahAYwFSjsc-URM-tdUs_X1yAnE0KXSWwzwXO_cmX7kpvtkLx0SQ==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Mon, 29 Aug 2022 23:13:34 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2270
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
LIVE22.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/LIVE22.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
41e5928402d722da096cae3af94f089cb6fd275c45cdfe6e69e8ff0d40f74a1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0459e3e246da1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
N0H0p2Jp3kKtR5moBOXLMSaLh2HPdIpr51_yM3aaL1EAKZwp77rBjQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 24 Oct 2023 02:46:10 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2976
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PLAYSTAR.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/PLAYSTAR.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
3a397a42d6a2156f0d80358983c8d9e868ab70f9d9fadd4ab74357aacad37c43
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"069161e42aed91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
jcd6M_m2B2ZP3SiFRwxYmHGZSW74Q0GH6wgcoorBgeRQbHNOMZiK_w==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 04 Jul 2023 06:38:18 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1740
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SPINIX.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SPINIX.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
32bddc228daaf74b248ebe9ed4d0875887211d79d0d35afc98f6efdd3665cff2
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0c99412acb2d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
k0o5ZgrQrL_Alh8UO4iq__q6VQr8cvLI89IGf94cnDbX7w8x_yn4FQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 09 Jul 2023 21:26:50 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3824
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
CROWDPLAY.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/CROWDPLAY.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
804ef78ce3c4edc8595d8f27d3379ca388b72cb1054a5f3a57754af44f49f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"09899903929d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
EUPBVx78aojvPkrvmuTkpnFMNwgEYc_pwdcNKzRpwaCst3jiyT6KVA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 15 Jan 2023 23:32:00 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2274
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
BIGPOT.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/BIGPOT.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
65bbbc4d8b3a11201cf60b6b3a4222364979a6ec055a33149ca699e4f36b26a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0ed74c893e9d81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
P4ZgEOYM7vdyqeKi_hJMIFpep-TxWu_HtfYgE0Ge4JpZIrmXxwCTYA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 26 Oct 2022 23:36:34 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3044
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
VPOWER.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/VPOWER.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
24549c23d989d94cea0481e72f7c2b34badea68c4f5488ebbe9358fe7f7b0016
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0bf3cce2cf2d81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3t0GByRVXyOinWqnqJxEMmJar448A2x3N9Dcs-_kYG1AgMXy9DdNig==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 06 Nov 2022 22:12:06 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4724
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
WORLDMATCH.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/WORLDMATCH.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
98965766abf030ee208916843a7c54e386542598bddce5e4353be43a746c3109
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0ac2b53d498d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Emo2oBu489AjLJyMWOUF3vOLhYNSfo37K7F_418VRygpsPIDjHcjWQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 07 Jun 2023 00:09:28 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7132
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
FACHAI.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/FACHAI.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
1f4ca3ccb0e7847d8589abf8677c541874a93bd7acfc46796ea5dfb6339a9fea
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"052325098ccd81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3F3B7Ti39GeZA3f4yKSJ7JwAFlktIFskDE-Scuyd64AhxhP78FWuCw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 20 Sep 2022 02:25:56 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2112
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SLOT88.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SLOT88.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
b61a6780549a198771c8f2f302846c964cfc50d1b5eb311a8b05ab64d6f03ae3
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0216c60b7bed61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
TnevTZBK2ZoclA6hk7yCn3DLwrWB-5jLTN-XqbZn0mjL9qnGHYbQ8Q==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Thu, 19 Nov 2020 21:03:06 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4204
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PGS.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/PGS.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
88ac046560a9fdabfc22dd31a705be1e498f9616a5473396b76af366f720c78a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"050ab3e613bd71:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
2n6qaWfniKHiGxUW15EfK8nN4TZTGzZ-bxN-8Qqxdwl9lTRsClySlg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 27 Apr 2021 12:31:28 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2728
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
AMB.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/AMB.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
f70655c83177d426318baf2e7ed284b79e9651504e4fbfd8297fa14256acec2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"040989a15e2d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
EoOY0w1dUyp0BdKCLvZXHHOcryT7VaiiikXMF9F83ssrvQ6K7I5vBA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Fri, 08 Sep 2023 05:30:40 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3582
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
MARIOCLUB.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/MARIOCLUB.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
88944437a27fc3fec25e65f3e1239190d6e780cbc74bf3bb42949f986ae457b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"05bd6b84d1ad91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
5Q6ULtTbOvJBV0WLA7x2bTzu9PykAtiVpRI43i3LwgqMZb9A6eENkg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 27 Dec 2022 23:48:30 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3372
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
DRAGOONSOFT.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/DRAGOONSOFT.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
90e95cdf492ba6d8043b409833f2d098add7e96a5547bd7958511b896be3faf8
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0e146c4cf9d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
HowsmmVSGnMUYhFfHdXcix62lZQsxZUsRWEaOPGHJeg7989-6Ppy3A==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 07 Dec 2022 00:06:34 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3394
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
FUNGAMING.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/FUNGAMING.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
f71506a3f7e42100a0394e1626a19a300493a8606504d289d6f03e3393c2cf5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0907e0f0fdd81:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
0YrJamt165DK2EgL77F_n5FKu_4W-SK1N9Yjro0D0TgF-z5HO7k_NA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Mon, 21 Nov 2022 21:33:20 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3816
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
NAGAGAMES.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/NAGAGAMES.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0409f0f345b2a93d35a1afe7a0d909bbda343f0258f3902e8233bb3b6b17ad94
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"059bb454d7dd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ecDLAniF83KA9vkxlvlfFvOOMkTxx8o0BeF8wZYezsBL7l4y1fYOtg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 02 May 2023 23:24:42 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2218
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
JDB.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/JDB.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
31fd49107a3e703d53c7c41c7a9b80dabebbf5f9672896450d4c289fb4bfe06f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0375f9fa50d71:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
2-oWnuGMIqVUfExazTcSCbrwd80OQoKMfNwtmxuh2cuDw8E1EAqAlg==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/webp
last-modified
Tue, 25 May 2021 00:08:06 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1612
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SBOCQ9.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SBOCQ9.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
c75d99ad89487826f15dc57295a1c09c60954aee29c837079d511063dfa19c42
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3-vIGiCuLbMaUsmRM2lcsL_0hsD_EznNTF4bBYEt2JlFhXBB-1-90Q==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1820
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
ONLYPLAY.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ONLYPLAY.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
9f705a9a632fdc684f8ec28c106b3ba76dea21054da7e1b4af7c9fdded92ec22
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"034132028efd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
VNrsN8amkHkuTeIni3L_hGsjV1zHFcOXorXmeBlWP2V_oUdh-cUDFw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 24 Sep 2023 20:46:00 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1308
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
NETENT.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		544 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/NETENT.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
3697842e2ee3a7741155f8872935e644277663b4d83225f81f654f70c425d522
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0dfd049aadfd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
9jjp3pi92pijbwJd-1Uxj7RSGgRawrrhCyfzSrnLYi-HUofOCwUviw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 05 Sep 2023 03:37:26 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
544
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
BIGTIMEGAMING.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		944 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/BIGTIMEGAMING.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
ba5178066dbd93ae3ef145321599192c3019fee69e181e899a10f25cade46b2c
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"024125882ebd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
9EV-s4n16twgBACIrBpIpcLjBODIhHp_E5hOrgB5p-jM2uQ1MPBDCA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 20 Sep 2023 05:21:44 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
944
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
REDTIGER.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		774 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/REDTIGER.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6c277b593633b38496b1bd02f37b0dc516e9820e6aad76a7e734eebe9e2b1f10
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0ad51dfffebd91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
e-cOE-7sQOUZTyymhxqQtmPdXoH7vt6bVx3uir0z_kXhQv0b5rIsUQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Wed, 20 Sep 2023 20:20:18 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
774
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
SKYWIND.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/SKYWIND.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
f4adf30f59eeee394fccf390285ff49771ec2f41963665c0e6c0f78b5cb2532d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"09329d6d4b2d91:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CTI0J_rk0vf8-Nh1KF8KkfqdzzyGlpJsayu61Gjr4nbvaQegMo3kLA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Mon, 10 Jul 2023 02:18:38 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2284
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
YGGDRASIL.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/YGGDRASIL.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
9eb58e7045f2f4199edc5d7d8da5115f0660c1742e3755d84bda54c1258fc2d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0358576ae2d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
PckaBp_95zf6T2sVJO35ohW5gm_nB12xf_oVwUadKRLh1CILwa--RQ==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Sun, 03 Jan 2021 19:56:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2658
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
PLAYNGO.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/PLAYNGO.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6217bca2305d976864bc4a5a6f9a9e2b72c2ebe01942d88e6261b1357af77c6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"03fe25575c7d61:0"
age
335828
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
4JFu19gZke5rrUWpMl1ZmNuDNowANE92EGzXl5VGNrOBTIFdlISqtg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 01 Dec 2020 00:03:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3412
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
download-apk-background.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/download-apk-background.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/Home/desktop-css?v=IsjCO_ISG6SP68biXcowDbNVCOC1haSxrQSiQUs19fw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
35142fe483ca1416affab4a0b41adc1e06bc5e40b620e89bb25035fd60aa016e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"085aac02a86da1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
u2H4H1uD7kbLFW8bET7lEW7lhBA7KK_sqGNhSnVoK_BHyKSTCvXYnw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Thu, 04 Apr 2024 00:55:14 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
14352
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
download-apk-phone.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/download-apk-phone.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2d429edaa747948401247f866db3422618b0730ec4888f4adc699d0afbf95f42
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"04356e1ac1da1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
GBFP_NLoHWplLKG0ygEGoXulB4bDYzfskmReHKCkVAUdzs6NIpXDXA==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 18 Jun 2024 00:57:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
51350
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
D8R.webp
d2rzzcn1jnr24x.cloudfront.net/Images/apk-qrcodes/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/apk-qrcodes/D8R.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
d7078eb6fc05ccb9a535bb4011fe1053b8a8404174b4144ee7d426921a77f836
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"91faa02ff93edb1:0"
age
320083
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
_xr_F0tkrniBKEMczsqsfu4zz7o2j8s4UlepZMfOUjG3mu446KnO5A==
date
Tue, 26 Nov 2024 11:55:16 GMT
content-type
image/webp
last-modified
Mon, 25 Nov 2024 05:16:30 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1046
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
382549024815330
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/382549024815330?v=2.9.176&r=stable&domain=doremi88-ouc.site&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73f1442defae0f148c800e7e14591759312e69a0cd63498a2f70e484d51ddaf1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-XpCszG6m' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-XpCszG6m' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=77, mss=1232, tbw=72105, tp=68, tpl=0, uplat=68, ullat=-1
pragma
public
x-fb-debug
jbutWSGYStxeILhnPdB7MG83mvxKeeaFvcwD0XynBYPOlmyUPAyAvWxIJfjEB2y6ySw7+rq2Kv+7COVYSrw6mQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15102
x-xss-protection
0
origin-agent-cluster
?1
progressive-jackpot
jp-api.namesvr.dev/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jp-api.namesvr.dev/progressive-jackpot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c0c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://doremi88-ouc.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea836ca3ec5c325-EWR
date
Sat, 30 Nov 2024 04:49:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZP6ZbaVNXtpB9BkgpI7QmhbO5Y%2FvJNHIB1OOMshlLSrTZFXDQcxhpN4OsYhdG6qToZ077QTv6mWN28pYVENy7LqDykhOKpeAvCRsg04NBXxnuEemb7LFlKZtdsF472fGSLJihGS8Rfnzf2T1fR0rgI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28841&min_rtt=27523&rtt_var=5239&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4372&delivery_rate=508&cwnd=12000&unsent_bytes=0&cid=e3302acc88302d98&ts=422&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15552001; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
notification.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/popup/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/layout/popup/notification.png?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/Content/desktop-css?v=fEmOz-d-nYfE79Vr7zcSuIZggSGo2hhcaXa45hSL_Po1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
e0a0dccea09a521a7291d80c32b495190cef9d876a14108509984ba6a26949de
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"05f394758c7d61:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
D9kqachz1z_iHbMedq6FW0YENJBPr6UJ_51RS2Me2IE4S5aHQ_OTzQ==
date
Tue, 26 Nov 2024 07:32:48 GMT
content-type
image/png
last-modified
Mon, 30 Nov 2020 20:35:02 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3541
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
progressive-jackpot
jp-api.namesvr.dev/ 		14 B
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jp-api.namesvr.dev/progressive-jackpot
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/bundles/desktop-js?v=cutZqRUl5nVP6bqFHEzmWucvTXKSe1BUtGgAVYDz6AQ1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c0c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34fc55b9cb9ffc90e1dc7f4dca9e24a2c5b5ab19cc47fe9f672df07829958368
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://doremi88-ouc.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=utf-8

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gPJPmmq1J0bIzjnhMjpDG7MexsUFAyYxh23bt815RAcYhJK%2FPJRnegKmvj5F6voZKBV7iNZ3k6g7OIJM5v1QEJFgm0cW8DkmWgvpD3VizWa%2BuDwjihTfF6B%2FbhIHH0y3u9x%2FTu44kmzHeywALH8eYR0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ea836ccc8b6c325-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28841&min_rtt=27523&rtt_var=3929&sent=13&recv=11&lost=0&retrans=0&sent_bytes=5188&recv_bytes=4760&delivery_rate=35123&cwnd=12000&unsent_bytes=0&cid=e3302acc88302d98&ts=647&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:50:00 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
server
cloudflare
priority
u=1,i
1h5snm073
embed.tawk.to/64babf3a94cf5d49dc6553e7/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Requested by
Host: beritaluar.com
URL: https://beritaluar.com/doremi88/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0cae240e564382b23ae26969d9a883e87019f5f6bd1045000ab2aefd8630e54
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"stable-v4-67354992019"
x-content-type-options
nosniff
cf-ray
8ea836ca79ab7d02-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
PP.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/animations/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-alpha/blue-red/desktop/home/slots/animations/PP.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
77134f83a30c54d59ae478a3013c04a4dba1da5cdb043d7f6dc14464dceb8297
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"041c5239d0d71:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
XxSiBecQ_iZcM_cmg0xYvVAx272jRHcyCMx-PK4dSMOOtvt9AgwR5w==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/webp
last-modified
Tue, 02 Nov 2021 22:31:04 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
206830
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vswaysfuryodin.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vswaysfuryodin.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
98b77b04d4e5c2a80261acda07f5041157d14d4b5ed2414c24b6b30c4bea420d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0aa3b9b823d91:0"
age
335583
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
KuKL84UNdiTBgVq5E5hsCK-6u5sDG2luVFz6NcbVCAtrfgKqMT-wwA==
date
Tue, 26 Nov 2024 07:36:56 GMT
content-type
image/webp
last-modified
Sun, 08 Jan 2023 23:22:12 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10806
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs10bbbrlact.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs10bbbrlact.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
949a640b4dc54a55ad39d79e89ba21b5eab4a5cca1c407e0451e283ea4ed5348
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"09552e041bada1:0"
age
333781
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
WiMRCSnUQ3UdiKOnYQrp-rr3vE9uKIAGysVKPv9WhdLZRDLbBU2SkQ==
date
Tue, 26 Nov 2024 08:06:58 GMT
content-type
image/webp
last-modified
Sun, 09 Jun 2024 07:51:46 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12644
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20leprexmas.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20leprexmas.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
2cb2c0fe30e736915cf45c452e9b42b5b71a8a613975d70119886bb0bb94e80d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"052fafe8f5d71:0"
age
334183
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
RBLU6xQV4Gn4c5HvXziinMCl_XhPUZHpFqjcQMXiuc9Kp0fgqLRQUw==
date
Tue, 26 Nov 2024 08:00:16 GMT
content-type
image/webp
last-modified
Mon, 20 Dec 2021 21:25:08 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10994
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs20porbs.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20porbs.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
ba462f8e65f49b3d435bd13f91f08d60916e441534364693e1a69011414f398c
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"01e3f9eb2fed81:0"
age
335333
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
TCaywZ_Kat0lrA7ep6TErRAj-K7-Qi_x4sMof_qXDes9LUNQcgH9RQ==
date
Tue, 26 Nov 2024 07:41:06 GMT
content-type
image/webp
last-modified
Tue, 22 Nov 2022 20:40:12 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12566
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vs10vampwolf.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs10vampwolf.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
937caa9fb7dc38a56b132922c32044bb06469a40c70eaebfb74c75c54497567f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0714ae8f5d71:0"
age
335768
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
7KaHGWB9GtqHcm1dTsRjctOyJrh9BlnU4pMD5jL9utPeLLKokLVjRg==
date
Tue, 26 Nov 2024 07:33:51 GMT
content-type
image/webp
last-modified
Mon, 20 Dec 2021 21:24:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11996
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
vswaysrockblst.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vswaysrockblst.webp?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
b78979c0e3141e710a1acd2e5d9910bdcf5546a594fb6822472954a373bec5dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"09ee1353bcad91:0"
age
335607
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
dyRRRhO3FmyKfY9uqiOuOJNMcZT6mjVkXDNgqgYDxixHrsP_Pnw8OQ==
date
Tue, 26 Nov 2024 07:36:32 GMT
content-type
image/webp
last-modified
Tue, 08 Aug 2023 20:59:24 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11334
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
whatsapp.svg
d2rzzcn1jnr24x.cloudfront.net/Images/communications/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/communications/whatsapp.svg?v=20241125
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
etag
W/"0c3abd379a2d61:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
jbZZGj_SPdrE7pbefRqGrgy6AJQ5rmaUd1EE0mCKsGS8JHGi7P4hRw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/svg+xml
last-modified
Wed, 14 Oct 2020 22:31:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
jili-special-tournament-nov-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/jili-special-tournament-nov-desktop.jpg
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0b465abf4914335e6d2311fd3554d14cf97d2d540b67d1d87492f81793e2f31a
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"0cb982e7d31db1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
__6NhYR1LiLlz_5ZlqaOcW_vQsLrYWW4WM5ecbWdJnBZaQ2kMdfBnw==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/jpeg
last-modified
Fri, 08 Nov 2024 01:26:06 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
327006
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
nex4d-banner-october-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/nex4d-banner-october-desktop.jpg
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"04ff6688c10db1:0"
age
335830
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
6MCdP-OzRbO1CKoCwIsraeyGf1nNhxd4hlGiRWMqia1BgGNvwWaSug==
date
Tue, 26 Nov 2024 07:32:49 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 03:21:58 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
212591
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
nlc-net-ent-bng-gift-promotion-nov-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/nlc-net-ent-bng-gift-promotion-nov-desktop.png
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:e400:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
7f7e3fcaf1a62294067a5bc2e49b180783940890628ecbdcd5a5901d28ba490e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

etag
"038dec572bdb1:0"
age
335829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
NxgRRn6UUtTkSvYHNyWcazIVEdRflQGKVX5NIMD_CeOsdVICmkmnfg==
date
Tue, 26 Nov 2024 07:32:50 GMT
content-type
image/png
last-modified
Thu, 31 Oct 2024 05:44:16 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1990320
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P5
server
TrillionSoft
1558964875001603
connect.facebook.net/signals/config/ 		29 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1558964875001603?v=2.9.176&r=stable&domain=doremi88-ouc.site&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
58f1f1aab0385e7d3640cf788894e8d55ecd41ff45b6f3bb32fec839ecc93807
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-L7aPmmCf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-L7aPmmCf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=86, mss=1232, tbw=88297, tp=84, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
WSSpnDE4+7RNvsLew6gqFmQgQu74tlyI/Lp45ULrsgPIktGzhsJfavuc1lJlBmVHDKTH6PqbnAWucjGdf13LeA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3397
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=382549024815330&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199478&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=GET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=6150, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=382549024815330&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199478&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=FGET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442930072695383808"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
g4vcS0AK8C58ipCX6+dft5qrFvqhitco/ID21N5cudRrfpyb3rV8C7xdWmYLY4ui1LkWex3llhAvKWIM9B4s/w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442930072695383808", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=24, mss=1232, tbw=10742, tp=26, tpl=0, uplat=81, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
1697839121016552
connect.facebook.net/signals/config/ 		29 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1697839121016552?v=2.9.176&r=stable&domain=doremi88-ouc.site&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b91b91617440ca8d0f6b2262a8d6439a2e64e6395d87d0041644a8117a31f29e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-WYakQoWC' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-WYakQoWC' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=86, mss=1232, tbw=92505, tp=89, tpl=0, uplat=40, ullat=0
pragma
public
x-fb-debug
L6tMNDcploVoG+eeGhoIHnyjsjGD5VPjTH0pCAKPHEba8phKnrbbnMQQnACEXWW+aw/YvA5UZxsukBgiCSXiiQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1558964875001603&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199533&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=GET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=5830, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1558964875001603&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199533&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=FGET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442930070719655900"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ahQOTkFgeAyd3yqBoDfVRvVcedIFiZq4ccqdgWp8JlZBBa6Amxf9p0Rfxtp8Scr9LwN3JVe2MxQvNzBiahEjRw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442930070719655900", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=24, mss=1232, tbw=9814, tp=24, tpl=0, uplat=73, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1697839121016552&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199619&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=GET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=24, mss=1232, tbw=6438, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1697839121016552&ev=PageView&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&rl=https%3A%2F%2Fberitaluar.com%2F&if=false&ts=1732942199619&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732942199475.41237849130119125&cs_est=true&ler=other&cdl=API_unavailable&it=1732942199120&coo=false&rqm=FGET
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442930071964408405"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 30 Nov 2024 04:49:59 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
TWp9Fk9LaPT7S4ckYVfLCqkt9kThBMQxFFm610pRUjXQrG0nPoDmLDCahtbnulO3WShl+rF1HzxkYgAfo5OErw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442930071964408405", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=24, mss=1232, tbw=6630, tp=21, tpl=0, uplat=26, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
twk-main.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		121 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038f27d02-EWR
access-control-allow-origin
*
server
cloudflare
twk-vendor.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038f57d02-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"77a40166698f808a0942865537165b0f"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038f67d02-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-common.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"ae0a97d1265892fc012190aa72881581"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038f77d02-EWR
access-control-allow-origin
*
server
cloudflare
twk-runtime.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"895415bbe1b8cf97aef258d17cb33187"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038f87d02-EWR
access-control-allow-origin
*
server
cloudflare
twk-app.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		151 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/64babf3a94cf5d49dc6553e7/1h5snm073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d038fa7d02-EWR
access-control-allow-origin
*
server
cloudflare
favicon_83c9fa77-602c-4e6e-bb7f-1a116270a9a1_1732793309877.png
api2-d8r.imgnxa.com/images/d8r/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api2-d8r.imgnxa.com/images/d8r/favicon_83c9fa77-602c-4e6e-bb7f-1a116270a9a1_1732793309877.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fb9ac9a301a69477a6fd6181bf370253e54a9337bfde2eb052e9d0c91af740ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"8da642e28841db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1nLns2FL0zeHWqB0jZNIqL%2FwARlL%2FD%2BTLXqkfHs3753T478biMePO0rjbzEKn3hAVkwebhpSuWtqwAL4u%2BFFr%2FsOLETyzA%2FcqUEtGCLQRtLYGmM9nC%2BZ0XlVFKckyz%2FMMFrfxHkVSL%2Fr5ZWtfvNudyY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836d059fa7cb2-EWR
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=9735&min_rtt=9410&rtt_var=124&sent=2195&recv=429&lost=0&retrans=0&sent_bytes=2952100&recv_bytes=2892&delivery_rate=53335704&cwnd=1134&unsent_bytes=0&cid=861ce7d7bbe1505c&ts=1681&x=0"
content-length
5400
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
image/png
last-modified
Thu, 28 Nov 2024 11:30:10 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
widget-settings
va.tawk.to/v1/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=64babf3a94cf5d49dc6553e7&widgetId=1h5snm073&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0f86b0f67b065855d35786f67bb091eca0b0ef3b3a5d168aa6b34a408683cb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"2-85-0"
access-control-allow-methods
GET,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-q4s2
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8ea836d1eaef7d02-EWR
access-control-allow-origin
*
server
cloudflare
start
va.tawk.to/v1/session/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc4cf9131aefd98cd6db2a85f5d386f2b93c645c22381decf25441485703179
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://doremi88-ouc.site/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-rhsl
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8ea836d2ff60de99-EWR
access-control-allow-origin
https://doremi88-ouc.site
server
cloudflare
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://doremi88-ouc.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://doremi88-ouc.site
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8ea836d1fb0c7d02-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 30 Nov 2024 04:50:00 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-xzz7
id.js
embed.tawk.to/_s/v4/app/67354992019/languages/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/languages/id.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93f46cba9f7da46734b616e9a2ec774b8b919f85f2034f32af47921c8cb3651d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"a1b9d49a428f23b0972d5095f8e0d7e8"
age
1377093
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d30eaac46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c96127c9a0429d69fecbeb73fd410443"
age
355845
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
STALE
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff88c46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"adcf466d8e820d5dd8a7df9975fcba50"
age
346660
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff8cc46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-f1565420.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-f1565420.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1f098cd7a811a2ceef21d53835262c2d"
age
1377153
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff8dc46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		906 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
age
335357
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff8fc46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		535 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c506281367048d4a134c9affbc68c8c6"
age
320902
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff90c46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"977b0aa25f349861d14d837b480e5615"
age
168654
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
STALE
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff92c46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		120 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ad43e469764eb884ca6ab070740c1931"
age
79899
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d3ff95c46b-EWR
access-control-allow-origin
*
server
cloudflare
min-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 1654 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2d7f176b563b25833791f4844819b5ee"
age
1377162
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d4681bc46b-EWR
access-control-allow-origin
*
server
cloudflare
bubble-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame AA99 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ce7913b80c763449b3895d46419f7a6b"
age
1377154
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d47855c46b-EWR
access-control-allow-origin
*
server
cloudflare
max-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame F65B 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d20ad407080e4c57efd32ce36955d7db"
age
1377162
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 00:52:20 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d4c8a5c46b-EWR
access-control-allow-origin
*
server
cloudflare
3fb4a4a019b8fafea163b5814cfa2564c8b705e2
tawk.link/64babf3a94cf5d49dc6553e7/var/chat_bubble/ Frame AA99 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tawk.link/64babf3a94cf5d49dc6553e7/var/chat_bubble/3fb4a4a019b8fafea163b5814cfa2564c8b705e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4ad0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3fec39bc70f5cb203c371b3fc3130967a024aa0bcc49ddd4e2ea754076fb99ba
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
strict-transport-security
max-age=600
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAtBQLDfrzk2aN3YEJYUBW%2FYbUK6l%2BYAIF6Q42Tp4lD7OfBBlxy%2FASqJSH8S%2BkPU3cd%2FmDSDs%2FHuret8zFT5BwKmlw7hLJCk8BPdjmiJGJKtW1KN7%2FItAFlrLrw5gAixCNxL6GNxSIM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836d59ef68cb3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10419&min_rtt=9072&rtt_var=4191&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4000&recv_bytes=2311&delivery_rate=449735&cwnd=254&unsent_bytes=0&cid=46c21a9a4716df94&ts=380&x=0"
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
application/octet-stream
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 30 Nov 2024 04:50:01 GMT
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame AA99 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css

Response headers

cf-cache-status
MISS
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
font/woff2
last-modified
Sat, 22 May 2021 07:25:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d4ee837d02-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10520
server
cloudflare
v3
va.tawk.to/log-performance/ 		5 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://doremi88-ouc.site/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
text/html; charset=utf-8
x-served-by
visitor-application-preemptive-vxqt
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8ea836d6c9687d02-EWR
access-control-allow-origin
https://doremi88-ouc.site
server
cloudflare
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://doremi88-ouc.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://doremi88-ouc.site
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8ea836d648cc7d02-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 30 Nov 2024 04:50:01 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-x69d
twk-chunk-495d98f9.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-495d98f9.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d3b68eff82514b3d7ffd3460fd67a4d0a821919010a53d6f53e74920ec242e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"e11ad90f2d065f3f94e0c16c08e19320"
age
65014
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836da1e4fc46b-EWR
access-control-allow-origin
*
server
cloudflare
twk-chunk-2d0b345a.js
embed.tawk.to/_s/v4/app/67354992019/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b345a.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4d3f997eb288150a445d9ea191814a28c7f7b4c9031e6f39613b0b7ed0ed59
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"f2ff65d3846e6b9bb5c9677c0b5525a9"
age
154895
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 00:52:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836da3e71c46b-EWR
access-control-allow-origin
*
server
cloudflare
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age
930739
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 30 Nov 2024 04:50:02 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220140-FRA, cache-ewr-kewr1740077-EWR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
41275
Tawky_16x16.svg
embed.tawk.to/_s/v4/assets/images/ Frame F65B 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.tawk.to/_s/v4/assets/images/Tawky_16x16.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982b9f89de8ddb517d81a1e199ded4cde7434a191c5ba01cd53bf7fb3822fa56
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"383b2c032d2e683a6e0e929ba7a9c25d"
age
145127
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
image/svg+xml
last-modified
Fri, 29 Jul 2022 11:35:20 GMT
vary
Accept-Encoding
priority
u=3,i
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836da5e9bc46b-EWR
access-control-allow-origin
*
server
cloudflare
apk1.png
raw.githubusercontent.com/bannerku/ads/main/ Frame F65B 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/bannerku/ads/main/apk1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e50a0f72e9a051c425eef2583d15fc6145bf8c323f95b5b8a35df7865b85846
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-request-id
752029f8b2cf8638a1f30668f9487f65ecadbc26
etag
W/"d62560d9702387b43381e4909ee71e1643c9b54a7e0e96ac7c1092263f489767"
x-content-type-options
nosniff
x-github-request-id
B764:2AC8A4:73FAB1:802DBA:674A9979
expires
Sat, 30 Nov 2024 04:55:02 GMT
x-cache
HIT
date
Sat, 30 Nov 2024 04:50:02 GMT
content-type
image/png
x-served-by
cache-ewr-kewr1740065-EWR
x-cache-hits
1
source-age
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1732942202.155963,VS0,VE86
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
12390
x-xss-protection
1; mode=block
44483650f13ab29bab50059cefa8f97bcac99866.jpg
tawk.link/64babf3a94cf5d49dc6553e7/var/trigger-images/ Frame F65B 		242 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tawk.link/64babf3a94cf5d49dc6553e7/var/trigger-images/44483650f13ab29bab50059cefa8f97bcac99866.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4ad0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f9e77441ddbe4ab922f66729a193caeb4b144ce04d7b6e929d85582b3d7a865
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
strict-transport-security
max-age=600
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IktJrAV2%2B9%2BCWdD8F2I78yPNAU8rpkn8AHCXKpEJH3ROWAtwocHVxz1oywfDg6OuRHYOKApoVDpoZ9GVM4aOXHnyiGBDZdKZVLGaNnFQCmQSi2D0HoBQPb65D51TX7bofIt95StZcFs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836da5b3e8cb3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9871&min_rtt=9002&rtt_var=738&sent=343&recv=60&lost=0&retrans=0&sent_bytes=393728&recv_bytes=2512&delivery_rate=8905006&cwnd=320&unsent_bytes=0&cid=46c21a9a4716df94&ts=1134&x=0"
date
Sat, 30 Nov 2024 04:50:02 GMT
content-type
image/jpeg
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 30 Nov 2024 04:50:02 GMT
r_acGrIST3.png
tawk.link/64babf3a94cf5d49dc6553e7/var/logo/ Frame F65B 		276 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tawk.link/64babf3a94cf5d49dc6553e7/var/logo/r_acGrIST3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4ad0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5e117d7dfd6da203c4729d5155563a8c08cb89ef54ef0c16a48727df0caac342
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
strict-transport-security
max-age=600
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axqMHdQN3gRrhrAa2WTipZnd1Pt4Qd%2BNMSpWQ4BwLdboySE2pETyfh%2BxEGQqAi6s2oo%2FoCpsedurhi6axOEFEs9NkengOWEQuHQEOBBPduAW3dtBfwi8XYrIII1UdCUTn4xoc8u%2F4Fw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ea836da5b408cb3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13268&min_rtt=9002&rtt_var=7460&sent=113&recv=30&lost=0&retrans=0&sent_bytes=109558&recv_bytes=2512&delivery_rate=6334062&cwnd=267&unsent_bytes=0&cid=46c21a9a4716df94&ts=1016&x=0"
date
Sat, 30 Nov 2024 04:50:02 GMT
content-type
image/png
x-powered-by
Express
vary
Accept-Encoding
last-modified
Sat, 30 Nov 2024 04:50:02 GMT
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame F65B 		10 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://doremi88-ouc.site
Referer
https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css

Response headers

cf-cache-status
MISS
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 04:50:01 GMT
content-type
font/woff2
last-modified
Sat, 22 May 2021 07:25:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-cache-status
HIT
cache-control
public, max-age=2592000, immutable
cf-ray
8ea836d4ee837d02-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10520
server
cloudflare
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QMQ39J1K4X&gtm=45je4bk0v9195920728za200&_p=1732942198190&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1976986251.1732942198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732942198&sct=1&seg=0&dl=https%3A%2F%2Fdoremi88-ouc.site%2F&dr=https%3A%2F%2Fberitaluar.com%2F&dt=Link%20Alternatif%20-%20Login%20-%20Rtp%20-%20Daftar%20-%20slot%20-%20Doremi88&en=scroll&epn.percent_scrolled=90&_et=10&tfd=5871
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMQ39J1K4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://doremi88-ouc.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://doremi88-ouc.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 04:50:03 GMT
content-type
text/plain
server
Golfe2
progressive-jackpot
jp-api.namesvr.dev/ 		14 B
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jp-api.namesvr.dev/progressive-jackpot
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/bundles/desktop-js?v=cutZqRUl5nVP6bqFHEzmWucvTXKSe1BUtGgAVYDz6AQ1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c0c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b201726675f9625b5631dd00a157844ec7b01048bc413adbe4ab95a7fd944cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://doremi88-ouc.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=utf-8

Response headers

strict-transport-security
max-age=15552001; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxwtMQSE2DohtMVeWIGJyK9AlYY5RxWh7QuKwvXGgGijc4jC7DVedWL687lL3v9aNjbnplxQYf2cD%2FlGS4142fTSVpKrhWxq7X5DaoYc1mcmGwXvFr8Zx%2B441VxtRuAQwFz9wYkJrOy2SMxmZf5oyWE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ea836e73fbbc325-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28733&min_rtt=27523&rtt_var=3163&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6258&recv_bytes=5187&delivery_rate=4209&cwnd=12000&unsent_bytes=0&cid=e3302acc88302d98&ts=4871&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:50:04 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
server
cloudflare
priority
u=1,i
online
doremi88-ouc.site/session/ 		56 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://doremi88-ouc.site/session/online
Requested by
Host: doremi88-ouc.site
URL: https://doremi88-ouc.site/bundles/desktop-js?v=cutZqRUl5nVP6bqFHEzmWucvTXKSe1BUtGgAVYDz6AQ1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cf8a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://doremi88-ouc.site/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=utf-8

Response headers

strict-transport-security
max-age=15552001; includeSubDomains
cache-control
private, s-maxage=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcOdpR8wHBoHN%2FD8vecEfR3IMrLUXyHByRwlxp152QYxOlDRGjlJvPFG64QpYMOcxgrpwpSRxPAofLiTEIyHtz0wCirYf4p6vKii1xI4hCeRTj7Wikks%2BFxWUzfOMlJWa%2BTB9uiy9%2FO9jmYBHMRyTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ea836e83c6419cf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31808&min_rtt=27890&rtt_var=1242&sent=505&recv=120&lost=7&retrans=7&sent_bytes=563655&recv_bytes=18636&delivery_rate=1321105&cwnd=89880&unsent_bytes=0&cid=9d47f7ab4075f23c&ts=6745&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 04:50:04 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| ardFunction function| fbq function| _fbq object| $jscomp object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| jQuery110204763905520715521 function| introJs function| Decimal function| onAjaxRequestSuccess function| onAjaxRequestBegin function| onAjaxRequestComplete function| changeLanguage function| closeWindows function| closeWindowsAndIframe function| openPopup function| openNewTab function| dispatchInternally function| registerPopup function| setInnerHtmlWithScripts function| initializeExpirations function| initializeCaptcha function| readCookie function| writeCookie function| initializeCurrency function| initializeIntro function| initializeWalletIntro function| formatAccountNumber function| initializeCopyAccountNumber number| conversionRate string| thousandSeparator function| toCurrencyValue function| toOriginalValue function| toLocalCurrencyFormat object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

11 Cookies

Domain/Path Name / Value
doremi88-ouc.site/ Name: ASP.NET_SessionId
Value: p3adbwtjp1h43gbjt4b5tvmw
doremi88-ouc.site/ Name: popup-home-page
Value: true
doremi88-ouc.site/ Name: __RequestVerificationToken
Value: LECYg-8JdwPfBt7oCKnJ0H5fc7RTnORkpBLOSduHZQjjEg0K52A3jBfjgWsVlXiT3wnnMl5RJSEI1sMXLv-19hPCaOhmh2emkdFadv2c_eY1
.doremi88-ouc.site/ Name: _ga
Value: GA1.1.1976986251.1732942198
.doremi88-ouc.site/ Name: _ga_QMQ39J1K4X
Value: GS1.1.1732942198.1.0.1732942198.0.0.0
.doremi88-ouc.site/ Name: _fbp
Value: fb.1.1732942199475.41237849130119125
doremi88-ouc.site/ Name: twk_idm_key
Value: P0v5yULA8-twHC6jnTknU
doremi88-ouc.site/ Name: TawkConnectionTime
Value: 0
.doremi88-ouc.site/ Name: twk_uuid_64babf3a94cf5d49dc6553e7
Value: %7B%22uuid%22%3A%221.92PKQgp4W1raOwFbePgT9jYbAXiFdgcGk5cPAfrfAfWMWiqu8rbDx0jDq9w9kHDmgtpvsvV8Uh1MVYyi0qSrwaruFZ9EGDaDnsMno54vYC0yrBBYJ8gdkC2ylEvB%22%2C%22version%22%3A3%2C%22domain%22%3A%22doremi88-ouc.site%22%2C%22ts%22%3A1732942200932%7D
doremi88-ouc.site/ Name: AWSALBTG
Value: Iyf0wKegGdxMfU+q9auXhUYsLxm/Jc3BHuK2LR4Kbr7OQgNeIzlycyiLDCE5+5i7dlQxcBY04h0zEXpOXIjzeoCFmgoNTriKtuJdvkpgBVYFhd8ltLF0l/gwxulWmjyUSRRAMsNDPK1cX3YJ8B+CJgOhNWIE236lMKKREKzzitnUN07pdx8=
doremi88-ouc.site/ Name: AWSALB
Value: EVYbgdUDIFvQ3GPyhp+r77OAlripy6v2CmtSXARnxdMshijq4hPCPI8PFXcYQkMlHRqHTI0hhwWtpvBbBrbgfxPCk9Ap+hZ3EZkahfPqpkoa/wOmJbrT6Of03maJ

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://doremi88-ouc.site/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-d8r.imgnxa.com
beritaluar.com
cdn.jsdelivr.net
connect.facebook.net
d2rzzcn1jnr24x.cloudfront.net
doremi88-0gd.site
doremi88-ouc.site
embed.tawk.to
fonts.googleapis.com
godisfavor.com
jp-api.namesvr.dev
raw.githubusercontent.com
tawk.link
va.tawk.to
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
2600:9000:2501:e400:c:5e6d:a440:21
2606:4700:10::6816:2c8e
2606:4700:10::ac43:f0e
2606:4700:20::681a:ecb
2606:4700:3032::ac43:c0c4
2606:4700:3036::6815:4ad0
2606:4700:3036::6815:5480
2606:4700:3037::6815:5c1b
2606:4700:3037::ac43:b5a2
2606:4700:3037::ac43:cf8a
2606:50c0:8003::154
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1d::65
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:600::485
0409f0f345b2a93d35a1afe7a0d909bbda343f0258f3902e8233bb3b6b17ad94
049251f633609950a24d3a533cf4941408eb167b4008c0d794583394d9611d7a
0a589d28f3913c1b4f251f1c0bd1e12cc19a3cfda16cda96221b2ede05230356
0b42196e536a2985d015bfa23dfc8025ac1ded242707102cc4342e510cde0f9a
0b465abf4914335e6d2311fd3554d14cf97d2d540b67d1d87492f81793e2f31a
0ba039e8908fab4f413026522c323a9871698c3aefae2622fa7bc6b3ebc381e7
0e50bc47c56ad5566f451b7f3f31a43b17b7702796283207452328cde81c6a31
0fc4cf9131aefd98cd6db2a85f5d386f2b93c645c22381decf25441485703179
0fd96c7821ea9c55608a79e28f05880f36b0019f6bae97d361464d2aaa38ca80
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9
15e1591b565a8c88315f120027aff93fafedd239ec551d91dc9aae8d13d0849e
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1a989fb8a82fab03747f7c4bfe3aa8e624379d7aa06d587cba61209e0b184b5e
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e
1db58d5601dd8d3b42dec6c2a01eb97cc812efb938b5b6045453a2fb84d383af
1e4d3f997eb288150a445d9ea191814a28c7f7b4c9031e6f39613b0b7ed0ed59
1f4ca3ccb0e7847d8589abf8677c541874a93bd7acfc46796ea5dfb6339a9fea
2040fb5f97d0b43732d67120bcb429cf54c37612e211bfebed5efe17c243792d
239f2bcdb438e5df978cc693a0ae3f82609ed597c5dd33ca9199996571f318f7
24549c23d989d94cea0481e72f7c2b34badea68c4f5488ebbe9358fe7f7b0016
24d3b68eff82514b3d7ffd3460fd67a4d0a821919010a53d6f53e74920ec242e
269eff77c91e9697140c0249a73b1845f1980888480dcd91852759c07cc279c1
28db4437904a6273bd764ea4848c12af17e3c82c6faafa6c34d81dceeeb3364b
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2b201726675f9625b5631dd00a157844ec7b01048bc413adbe4ab95a7fd944cd
2b66b8e5635713b7b2c9819b194f28e4b61e8c6cf84d77fa67a6b8a119e7a9d7
2cb2c0fe30e736915cf45c452e9b42b5b71a8a613975d70119886bb0bb94e80d
2d429edaa747948401247f866db3422618b0730ec4888f4adc699d0afbf95f42
2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081
2e73ade7e69d68edcf4f85163c70094323e905675cae33b8b09ceae8373105cf
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
2fbedfe19a271f381fba8591adc77765ae24add830c31a23dd306e9d988fadee
2fca1a1caa240e49df0a3047f7e7835aa8eda37c815c6be7f223799a8aeefeb2
302f07a0c666aa1a497cdf887b675b36c8482cc42fda64b6e73af3511cc2220a
31fd49107a3e703d53c7c41c7a9b80dabebbf5f9672896450d4c289fb4bfe06f
32bddc228daaf74b248ebe9ed4d0875887211d79d0d35afc98f6efdd3665cff2
34fc55b9cb9ffc90e1dc7f4dca9e24a2c5b5ab19cc47fe9f672df07829958368
35142fe483ca1416affab4a0b41adc1e06bc5e40b620e89bb25035fd60aa016e
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
35823b2a8268b9788d0f58393471396298cc1d3b068f0c414ef8a374fba57f8c
3697842e2ee3a7741155f8872935e644277663b4d83225f81f654f70c425d522
37727a7e1ef801691ac8cdf2f751401b722701346336af4154cd6b5976bf500f
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
3a397a42d6a2156f0d80358983c8d9e868ab70f9d9fadd4ab74357aacad37c43
3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181
3dbc59ed2c52c1d34cf5645585aa4d6cdfcfc62e7ad691cd1dc06fd0fa6ec565
3f9e77441ddbe4ab922f66729a193caeb4b144ce04d7b6e929d85582b3d7a865
3fec39bc70f5cb203c371b3fc3130967a024aa0bcc49ddd4e2ea754076fb99ba
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
41e5928402d722da096cae3af94f089cb6fd275c45cdfe6e69e8ff0d40f74a1b
45b1fe0c0379a3c71b9371e31bf453cb7bd9183cadc87a451725c7df6f51e284
465c5ff115fc15647c7ca37bdb1e405c389dbb5ddd5e60e33d6915ea8427b1dc
4abf3c38c0e85233cc2c8f59ee8ffe5a52679b4a32b4357cfd2e108c76a03f74
50407da9776ea5aae6510138735993cfaaba78ba43d7aeafcb72ff9310638706
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52b7c7f870ecccf90b3fb498bca2e4d3974470bbc5246e301b97c113421e9868
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
583006cfa79a8b1f6458728d20c223a57247f57799b92ffe0cbe635a6319d9e0
58f1f1aab0385e7d3640cf788894e8d55ecd41ff45b6f3bb32fec839ecc93807
596139c627eb45c8e6c2bd6b2dd109edc666913578225853e655614e701cfa74
5e117d7dfd6da203c4729d5155563a8c08cb89ef54ef0c16a48727df0caac342
6001fc7fd22aa804e3a5dbc7852cea5bd1da9e42e5e8615f52b0ddd9b82e0c3c
61fc7ed265000892c743cb4fc7b1e154ece3698476145f93e6c2be125ba692a3
6217bca2305d976864bc4a5a6f9a9e2b72c2ebe01942d88e6261b1357af77c6b
651dd5586bcb45ce47b971d805047dcab5f3148c182aff0962ea2bfd6b3a19f4
65bbbc4d8b3a11201cf60b6b3a4222364979a6ec055a33149ca699e4f36b26a7
665767f3b477c3c012e79c7c21c5b3e1fb5997a83aeb7e2bcd7981fe35f83054
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
6972eb83b09a5ae932ddf2a1a692bc2382922c3e44fb5067580a9e2ed32b40d3
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
6a0f86b0f67b065855d35786f67bb091eca0b0ef3b3a5d168aa6b34a408683cb
6ac569dc88565cef8f6e793728f5fa7398e2a4621ecda3f5f59982e30eced321
6ac69af7b68a165bec16b442ebb5f41f94f4b9f398faaebc3a2e9d998956cb19
6c277b593633b38496b1bd02f37b0dc516e9820e6aad76a7e734eebe9e2b1f10
6db312a99782ace951cc241a424d2c891a993a3c51d233b787aa08cac9c92a69
6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
72c626776408c923e8399bd4ff9ddb0a8ffd26731d0203ac30e49e9f4726a8e7
73f1442defae0f148c800e7e14591759312e69a0cd63498a2f70e484d51ddaf1
760602e639af3e29a3a970194a37bb64f6fbeee1b54cf5b41e69fcfb56dac58c
77134f83a30c54d59ae478a3013c04a4dba1da5cdb043d7f6dc14464dceb8297
7724795d249fd9e6e68781a64f1b41deadd453c68b58bf45dbe9f3790c8a5cc7
78c5d3f0c294936ebeb6bd9a5568a2ebd72736f7f51ae22eada200ca0c90b7fb
799205a185a24932f10719eb3c63c80546d6384b00af9f5a6cad044b6a2806c2
7ba7a0b036892872de4e1081b23778b1de31b9e3e4c40fb57cb72c4b015dc363
7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f217ebd4c820f770092e873269e813b93d3c5e195e7018f01d02dd7bec119dc
7f7e3fcaf1a62294067a5bc2e49b180783940890628ecbdcd5a5901d28ba490e
804ef78ce3c4edc8595d8f27d3379ca388b72cb1054a5f3a57754af44f49f3c8
80d9ae182e6b9d7ae80f1b215a6e3592c8ae78f5aa37ea384cf935e7df6b9f60
828928a6299bf4754aa8d8a8c987add2296f2291cb09031181722a0bc988486d
836aa8ae22eab52480fbdc25c22d11c98c6cb94ba2e56b2a2d40871888fd36ee
88944437a27fc3fec25e65f3e1239190d6e780cbc74bf3bb42949f986ae457b0
88ac046560a9fdabfc22dd31a705be1e498f9616a5473396b76af366f720c78a
8ab86aec2d06c54afd5c40f732ac8564df62588e0afafe662553ceb8849bde14
8bae61b07b6ebf3539b93076b7ef69f71885c540c67905272bc9c3b16d5d8907
8cb5020541a925d56097ec88e9f8221509aba0382ef7536d0b3f02df2ee3593a
90e95cdf492ba6d8043b409833f2d098add7e96a5547bd7958511b896be3faf8
9191f17b9068c43921c043900892c07e21d5d1bead4e551b4434f9b2a14b66e0
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
937caa9fb7dc38a56b132922c32044bb06469a40c70eaebfb74c75c54497567f
939e2d8310308c502d893fd6eb789b735cee4c77ca137824dcc8ff48efdcea7f
93f46cba9f7da46734b616e9a2ec774b8b919f85f2034f32af47921c8cb3651d
949a640b4dc54a55ad39d79e89ba21b5eab4a5cca1c407e0451e283ea4ed5348
982b9f89de8ddb517d81a1e199ded4cde7434a191c5ba01cd53bf7fb3822fa56
98965766abf030ee208916843a7c54e386542598bddce5e4353be43a746c3109
98b77b04d4e5c2a80261acda07f5041157d14d4b5ed2414c24b6b30c4bea420d
99b9eea312a8c3947e60cb25e0dfe4a5af89f3832dba4fd285b197a62f403d7b
9e50a0f72e9a051c425eef2583d15fc6145bf8c323f95b5b8a35df7865b85846
9eb58e7045f2f4199edc5d7d8da5115f0660c1742e3755d84bda54c1258fc2d1
9f705a9a632fdc684f8ec28c106b3ba76dea21054da7e1b4af7c9fdded92ec22
a337e233cb2b47d66532673865878fb1a45b57aeccf86979aa72449757edbba7
a4e9ed35971a5a6f28747146723405072f7958131afab41b8f77189879eb11a2
a6cb36e0f9dd285032e9e19b2eebbcd66369743313562a4c72233ba70227780b
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
aa04933226b753236b014c280aaec838d2c24b533477ea097b1966a56c67414a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab8e1d6e7ba99228ceb4cf27e2111bc7cf5d844e3a0cea2c5caa318a9e8a64e6
ae3c1ce987a6eaf1bf60e769cf22291458e6aec9f7919c19f615041e31b9d31a
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
b31885928f3ec559312aef827929dddc7e66f5dcb00e3aae95a4c3b51d4cd1cd
b61a6780549a198771c8f2f302846c964cfc50d1b5eb311a8b05ab64d6f03ae3
b78979c0e3141e710a1acd2e5d9910bdcf5546a594fb6822472954a373bec5dc
b91b91617440ca8d0f6b2262a8d6439a2e64e6395d87d0041644a8117a31f29e
b9214af64afc3d402580903b50eddc38073d192a8d830fe624986052bf848046
b9d65eb417b0a7e589dfb87fe0cbab2dbc005eee3ba1ac8c93a50e6cff711a07
ba462f8e65f49b3d435bd13f91f08d60916e441534364693e1a69011414f398c
ba5178066dbd93ae3ef145321599192c3019fee69e181e899a10f25cade46b2c
be13203c28bd1f7829f291ef246decd34c7142ac831e072206358b7922548bca
c0cae240e564382b23ae26969d9a883e87019f5f6bd1045000ab2aefd8630e54
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
c5297c2b1f1cf546c75b64081e01eca499f84a16b6b5173d1603111fb216be6f
c75d99ad89487826f15dc57295a1c09c60954aee29c837079d511063dfa19c42
c7c15c86b3ef1c28484bda7b2d55568f7e4c7e5eab2f0f09d4dc5aa00b26e2a4
cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d
cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d09ca1ab4be20d0c2b9b2546d5f93afc71a1440397952c708d229799d0743216
d5764279fe4b7e27d481581b1b68590f32574d05d0fb52a89a7b3c9628aba0c4
d7078eb6fc05ccb9a535bb4011fe1053b8a8404174b4144ee7d426921a77f836
db853f8df3ba4c39616b2461d9d3cecc6d410e2d63fb77231d39cc2c2423937b
de815985cca45ef8e93e564749333bbf84be1a054961f86a06b038ef56464fed
e0a0dccea09a521a7291d80c32b495190cef9d876a14108509984ba6a26949de
e21ac0c0364efa961c96147f5397b10f27ca3aab2edfd4a6bf450672274ab0dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
e8eafdcdf94f13cf25a08e907e2a49f4823b208e2c1d4b01149539b728a53ea2
ea04a5398029b829693391006da9685a050a4e47c02f84095c1ff598acdb13ed
f430198522a74f81e7fbddbf2804530dda0bd698d06adf4e5486cf84a0fe50a6
f4adf30f59eeee394fccf390285ff49771ec2f41963665c0e6c0f78b5cb2532d
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f70655c83177d426318baf2e7ed284b79e9651504e4fbfd8297fa14256acec2f
f71506a3f7e42100a0394e1626a19a300493a8606504d289d6f03e3393c2cf5d
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e
fb9ac9a301a69477a6fd6181bf370253e54a9337bfde2eb052e9d0c91af740ea
fbdc0636d465b105711865dc4eff1adfd041b73736a5d6aa43a6582a2cf0cb2a
fce76ed9832ebe63dff55566f09f39e06282278a946fe156c061661c6f2c5fdb
fdbfdbab77e4d9176749cb70f0d9aee8a376c401a82b89ad38f4b26996c76469