tt2-plain-bonus-108a.oiudasi6.workers.dev Open in urlscan Pro
2606:4700:3034::ac43:a77f  Public Scan

URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Submission: On July 02 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 181 HTTP transactions. The main IP is 2606:4700:3034::ac43:a77f, located in United States and belongs to CLOUDFLARENET, US. The main domain is tt2-plain-bonus-108a.oiudasi6.workers.dev.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time tt2-plain-bonus-108a.oiudasi6.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
53 2a02:26f0:480... 20940 (AKAMAI-ASN1)
41 172.67.167.127 13335 (CLOUDFLAR...)
58 184.86.251.30 20940 (AKAMAI-ASN1)
1 2603:1026:300... 8075 (MICROSOFT...)
1 1 20.190.159.68 8075 (MICROSOFT...)
181 6
Apex Domain
Subdomains
Transfer
111 bing.com
r.bing.com — Cisco Umbrella Rank: 382
www.bing.com — Cisco Umbrella Rank: 35
www2.bing.com Failed
515 KB
43 workers.dev
tt2-plain-bonus-108a.oiudasi6.workers.dev
tt2-plain-bonus-108a.workers.dev Failed
828 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 63
1 KB
1 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 11
0 msn.com Failed
assets.msn.com Failed
181 5
Domain Requested by
110 r.bing.com tt2-plain-bonus-108a.oiudasi6.workers.dev
r.bing.com
43 tt2-plain-bonus-108a.oiudasi6.workers.dev tt2-plain-bonus-108a.oiudasi6.workers.dev
r.bing.com
1 www.bing.com r.bing.com
1 login.live.com 1 redirects
1 login.microsoftonline.com r.bing.com
0 www2.bing.com Failed r.bing.com
0 tt2-plain-bonus-108a.workers.dev Failed
0 assets.msn.com Failed tt2-plain-bonus-108a.oiudasi6.workers.dev
181 8
Subject Issuer Validity Valid
oiudasi6.workers.dev
WE1
2024-06-23 -
2024-09-21
3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 04
2024-06-24 -
2025-06-19
a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2024-05-27 -
2025-05-27
a year crt.sh

This page contains 3 frames:

Primary Page: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Frame ID: 5ADE4753D501371FEB22759FCBADB3C5
Requests: 182 HTTP requests in this frame

Frame: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=fc5c836e-1a8a-48b6-8104-e747df153421&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22202968DFC88343DA8E95DA4FDC6A64CE%22%7d
Frame ID: 3D6F25DA9DB583A68C876EDDAAFCA15C
Requests: 1 HTTP requests in this frame

Frame: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
Frame ID: 1D5C58C20295BB1F946F26A8D5254A0F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bing

Page Statistics

181
Requests

86 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

6
IPs

3
Countries

1343 kB
Transfer

3909 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1719902500&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=3081&id=264960&checkda=1 HTTP 302
  • https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1

181 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tt2-plain-bonus-108a.oiudasi6.workers.dev/
43 KB
17 KB
Document
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe549864979dbffac8705503e30c6ce1c2abbbdcafa4bc3e5f0dfbcebe16568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
89cca6beec942bc5-FRA
content-encoding
br
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-GmhtOAC7xEgdHSnw4gYPAmyX5sIbNsgyqsnlZtNyEqY='; base-uri 'self';report-to csp-endpoint
content-type
text/html; charset=utf-8
cross-origin-embedder-policy-report-only
'same-origin; report-to=\"crossorigin-errors\"'
cross-origin-opener-policy-report-only
'require-corp; report-to=\"crossorigin-errors\"'
date
Tue, 02 Jul 2024 06:41:39 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]} {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp&ndcParam=QWthbWFp"}]} {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp"}]}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary
Accept-Encoding
x-cdn-traceid
0.06601302.1719902499.37028ec2
x-eventid
6683a123ed764aa39712ac60ae4af8ca
x-frame-options
SAMEORIGIN
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
237 KB
237 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.FisgardLighthouse_ROW4028957094_1920x1080.webp&qlt=50
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a77f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7f31adb22e67432d230afc9b1060a3fa83bac5688a58483ec8f3de310cd8b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
242268
server
cloudflare
x-cdn-traceid
0.64601302.1719902500.2e6037f9
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6c208a42bc5-FRA
access-control-allow-headers
*
timing-allow-origin
*
ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
r.bing.com/rp/
1 B
650 B
Script
General
Full URL
https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AtUQRHwMLfUWfUcUVx5RxQ==
akamai-grn
0.56b31402.1719902500.9485f7ab
alt-svc
h3=":443"; ma=93600
content-length
21
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0A213F0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
34c703b5-601e-002a-4b24-cadbbc000000
cache-control
public, no-transform, max-age=195642
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 13:02:22 GMT
kb0OYlyDwOKxf5v502l3jtVAOXQ.gz.css
r.bing.com/rp/
126 B
777 B
Stylesheet
General
Full URL
https://r.bing.com/rp/kb0OYlyDwOKxf5v502l3jtVAOXQ.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7474a8b3ff79ef4978d048750414478d0ea5b07b80ef115eff19a032b4d403ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
io7vE3Jh6/grIG0KyaHMvg==
akamai-grn
0.0ed01702.1719831411.cc4fd7a, 0.56b31402.1719902500.9485f7a6
alt-svc
h3=":443"; ma=93600
content-length
124
x-ms-lease-status
unlocked
last-modified
Fri, 15 Sep 2023 00:07:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBB57FD0DF38C7
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b9ca5f32-a01e-0057-0e56-afaa9f000000
cache-control
public, no-transform, max-age=7296
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 08:43:16 GMT
7va1aft5eHd0VSMYUGmgmK0LUF4.gz.css
r.bing.com/rp/
826 B
1004 B
Stylesheet
General
Full URL
https://r.bing.com/rp/7va1aft5eHd0VSMYUGmgmK0LUF4.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
72deb2e187f8a52261bc64b02f143536ee36416f5c2b8de97b2bc9e0ebcad421

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
JW0HaGpsKcGMWn2ykQucDw==
akamai-grn
0.56b31402.1719902500.9485f79f
alt-svc
h3=":443"; ma=93600
content-length
380
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 03:11:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC1D5362A58BA3
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e8047ffb-401e-00ab-1ed3-c07b66000000
cache-control
public, no-transform, max-age=349710
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 07:50:10 GMT
MfhjHHYqbidxsr9bY4khuERJlSw.gz.css
r.bing.com/rp/
3 KB
2 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/MfhjHHYqbidxsr9bY4khuERJlSw.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9dca95742d5b4f71596ce1cc91ca8cf545011c573fb1cf52104a1db869d9a1cc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
s6kFDNv2jQffPYM+gbQPvQ==
akamai-grn
0.56b31402.1719902500.9485f7a5
alt-svc
h3=":443"; ma=93600
content-length
1128
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 18:17:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC8654E59EE25E
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b3ad0d3a-201e-0082-297e-b84512000000
cache-control
public, no-transform, max-age=307623
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 20:08:43 GMT
uT4mLa756zUiOsX03-zk7duKYxY.gz.css
r.bing.com/rp/
52 B
694 B
Stylesheet
General
Full URL
https://r.bing.com/rp/uT4mLa756zUiOsX03-zk7duKYxY.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dc065bf8683425b4f24b5e0271ac77ed583efcca3b3cb6a987cbde358141e371

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
s9L5As4OqiluHgZ4LAgURw==
akamai-grn
0.56b31402.1719902500.9485f7a7
alt-svc
h3=":443"; ma=93600
content-length
72
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:01:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A767822CD21
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
39bf904f-b01e-007c-7621-ecceae000000
cache-control
public, no-transform, max-age=311522
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 21:13:42 GMT
Nu24QKaix_pmtj3xPI3Uv4Mn41Y.gz.css
r.bing.com/rp/
44 KB
8 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/Nu24QKaix_pmtj3xPI3Uv4Mn41Y.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
36b0e5676d92356ea8ffd12828ca7583c41c4aff88ea7dc76c073bffb73a2036

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
2xQqHliLZRbijkoO+b63DA==
akamai-grn
0.56b31402.1719902500.9485f7a9
alt-svc
h3=":443"; ma=93600
content-length
7423
x-ms-lease-status
unlocked
last-modified
Mon, 03 Jun 2024 05:07:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC838B04314252
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
579ff07f-001e-0095-6923-b6ec19000000
cache-control
public, no-transform, max-age=87867
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:06:07 GMT
rYRW5R5t081t3lsWSduHZoeaN7o.gz.css
r.bing.com/rp/
8 KB
3 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/rYRW5R5t081t3lsWSduHZoeaN7o.gz.css
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dac8d589b6835cd7ca53316af17d61f225fd51a3746dac9b4f48fa79eca5850e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
rUFTRThTXgRlhXVfH3yU2g==
akamai-grn
0.56b31402.1719902500.9485f7a8
alt-svc
h3=":443"; ma=93600
content-length
2322
x-ms-lease-status
unlocked
last-modified
Fri, 22 Mar 2024 20:42:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC4AB08C427C41
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
891e3beb-e01e-003a-3783-9d5f52000000
cache-control
public, no-transform, max-age=206457
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 16:02:37 GMT
tlifxqsNyCzxIJnRwtQKuZToQQw.js
r.bing.com/rs/6r/fR/jnc,nj/
1 B
897 B
Script
General
Full URL
https://r.bing.com/rs/6r/fR/jnc,nj/tlifxqsNyCzxIJnRwtQKuZToQQw.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.56b31402.1719902500.9485f7ec
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E02A
alt-svc
h3=":443"; ma=93600
content-length
27
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Thu, 27 Jun 2024 01:54:46 GMT
server
Kestrel
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
667dc8a216c749278e7634633c889e06
cache-control
public, max-age=48971
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
expires
Tue, 02 Jul 2024 20:17:51 GMT
5WG_kDsbFabhsuv_6NwDoh2LdnI.gz.js
r.bing.com/rp/
684 B
998 B
Script
General
Full URL
https://r.bing.com/rp/5WG_kDsbFabhsuv_6NwDoh2LdnI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7c317940549467b3210d2f72da000bac3481abfde3ac5358d398eb64dcbc8532

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
//yMzwhz8SzNg/d7sfog+A==
akamai-grn
0.56b31402.1719902500.9485f7ed
alt-svc
h3=":443"; ma=93600
content-length
367
x-ms-lease-status
unlocked
last-modified
Fri, 07 Jun 2024 08:43:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC86CDF4BDC9B4
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7b857c06-b01e-004b-086f-bbf8ff000000
cache-control
public, no-transform, max-age=306922
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 19:57:02 GMT
ACby6guiuiyuEYRTFOH8no-JKCo.gz.js
r.bing.com/rp/
2 KB
1 KB
Script
General
Full URL
https://r.bing.com/rp/ACby6guiuiyuEYRTFOH8no-JKCo.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
343ec2ee385eb80cd489788276279cf5aa3895b9890ce37503b814f791b9fb67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
eX89J7tYrIWeBMvqdhCq0g==
akamai-grn
0.56b31402.1719902500.9485f7d8
alt-svc
h3=":443"; ma=93600
content-length
772
x-ms-lease-status
unlocked
last-modified
Wed, 01 May 2024 02:32:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC6986E33286DA
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
60640309-701e-0054-07bc-c34bfb000000
cache-control
public, no-transform, max-age=271079
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 09:59:39 GMT
sTqO8BLDL3SMwm5-DmlL0eodCJk.gz.js
r.bing.com/rp/
45 B
695 B
Script
General
Full URL
https://r.bing.com/rp/sTqO8BLDL3SMwm5-DmlL0eodCJk.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ff1f2d316ffa27fb945344e0186d3dbfebbd3508f9add75666b7e2e397723ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
VGu9Ta3BRIR+XEc4d+7x3A==
akamai-grn
0.56b31402.1719902500.9485f7f3
alt-svc
h3=":443"; ma=93600
content-length
65
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C8743332
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c90bfa8d-b01e-005b-15e1-c93d97000000
cache-control
public, no-transform, max-age=166895
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 05:03:15 GMT
PVEp6LmF7FGQF4_wW3Ri1trRPv4.gz.js
r.bing.com/rp/
552 B
966 B
Script
General
Full URL
https://r.bing.com/rp/PVEp6LmF7FGQF4_wW3Ri1trRPv4.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0dd10c9ea3f3615612a444dd5ea8ece9a3bba238b2dca28827da4cb311fb217

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
I3WwXWJtxZeMrOipWNiSPw==
akamai-grn
0.56b31402.1719902500.9485f7f4
alt-svc
h3=":443"; ma=93600
content-length
338
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B592D2F2
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
02a8797c-e01e-00c0-1c02-c8fc92000000
cache-control
public, no-transform, max-age=351029
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 08:12:09 GMT
oJtq_u9TBV7TshzGOx6yvnobEEU.gz.js
r.bing.com/rp/
2 KB
1 KB
Script
General
Full URL
https://r.bing.com/rp/oJtq_u9TBV7TshzGOx6yvnobEEU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e161107d9351b29c17a7db7f57b6a0ccf914c267b71c976807ce0ae71fd24505

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
F33TokxMb9T95zz06VjX4A==
akamai-grn
0.56b31402.1719902500.9485f7f6
alt-svc
h3=":443"; ma=93600
content-length
821
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C788DFC8
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
876ab65a-b01e-0029-21a3-b83ad8000000
cache-control
public, no-transform, max-age=217196
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 19:01:36 GMT
PrUVzF4hlCEHR6XAp8AR6euT5OM.gz.js
r.bing.com/rp/
73 B
705 B
Script
General
Full URL
https://r.bing.com/rp/PrUVzF4hlCEHR6XAp8AR6euT5OM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6d7a20272af13789aa1f9a56d737ea94fb4637c714356b4f851802669330593f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
VWSNUXxRpDzE7ZhFv2OvaA==
akamai-grn
0.56b31402.1719902500.9485f7f1
alt-svc
h3=":443"; ma=93600
content-length
75
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B94C962D
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ee2914a8-501e-00c5-0df2-bf2e49000000
cache-control
public, no-transform, max-age=170988
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 06:11:28 GMT
qN3rmGYj9Qsn6JmjzmYclpmfCHI.gz.js
r.bing.com/rp/
219 B
809 B
Script
General
Full URL
https://r.bing.com/rp/qN3rmGYj9Qsn6JmjzmYclpmfCHI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
73cb3a9b4b4b6009e31efcf846a4db0999685b932494ee2bc3e44daf0bdeb07c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
dSlderxzw8Z9VOREdsWgbQ==
akamai-grn
0.56b31402.1719902500.9485f7eb
alt-svc
h3=":443"; ma=93600
content-length
180
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C7CEE8E7
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3a67801-601e-0077-0c84-c7d138000000
cache-control
public, no-transform, max-age=296081
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 16:56:21 GMT
omjewb8RA_1ed-86jqIwN_f_ON8.gz.js
r.bing.com/rp/
122 B
749 B
Script
General
Full URL
https://r.bing.com/rp/omjewb8RA_1ed-86jqIwN_f_ON8.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c080a3e65377d6591fbebde2cc4d6bd7632a8ee33a67d2d79b9eef1eb7f5301d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
pJTv5yfaSROS16mbMsRiww==
akamai-grn
0.56b31402.1719902500.9485f7f2
alt-svc
h3=":443"; ma=93600
content-length
120
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C56925EF
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
209bb363-601e-0015-3c23-c2131f000000
cache-control
public, no-transform, max-age=130467
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 18:56:07 GMT
4KExH6bvG2QXO5JrYLcSmRtj_YE.gz.js
r.bing.com/rp/
238 B
839 B
Script
General
Full URL
https://r.bing.com/rp/4KExH6bvG2QXO5JrYLcSmRtj_YE.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f3af998040f0e9eeb2b050ee53d1e998f52c4dd6f3048b516b2a0d2c1064545c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
RMGymcN4FPZNu0zKDmjTVA==
akamai-grn
0.56b31402.1719902500.9485f7d4
alt-svc
h3=":443"; ma=93600
content-length
210
x-ms-lease-status
unlocked
last-modified
Thu, 18 Apr 2024 02:25:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC5F4EE255FBE8
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e49442ea-801e-0013-5454-916126000000
cache-control
public, no-transform, max-age=102723
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 11:13:43 GMT
9RU9Mo45ZvCytDGnLCWS0LulULU.gz.js
r.bing.com/rp/
9 B
659 B
Script
General
Full URL
https://r.bing.com/rp/9RU9Mo45ZvCytDGnLCWS0LulULU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
33bd503172697a7d135b910b460f49d5f9d21e59c4bf8a9acb27b00b5487286a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
RjqscWyNaEZdXYGhpMZDDA==
akamai-grn
0.56b31402.1719902500.9485f7d6
alt-svc
h3=":443"; ma=93600
content-length
29
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76AADE4FDC
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a3fdea7c-e01e-00c0-6c70-cbfc92000000
cache-control
public, no-transform, max-age=338071
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 04:36:11 GMT
svYzgo4yD9vzUlVytiD-v2lepRM.gz.js
r.bing.com/rp/
2 KB
2 KB
Script
General
Full URL
https://r.bing.com/rp/svYzgo4yD9vzUlVytiD-v2lepRM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a30facad92aa6735199d47f7787e1a855b529f9596ee18ad096bd0b27c40b2e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
rqqA8IqcCLkWLXbyQFOqyw==
akamai-grn
0.56b31402.1719902500.9485f7f0
alt-svc
h3=":443"; ma=93600
content-length
1125
x-ms-lease-status
unlocked
last-modified
Wed, 08 May 2024 20:03:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC6F99F7BD1FAE
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2560a286-701e-0026-73e5-a14cb4000000
cache-control
public, no-transform, max-age=134601
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 20:05:01 GMT
nh-cbrH5PR-ER51QfBlGhxzAaq4.js
r.bing.com/rb/5T/jnc,nj/
4 KB
3 KB
Script
General
Full URL
https://r.bing.com/rb/5T/jnc,nj/nh-cbrH5PR-ER51QfBlGhxzAaq4.js?bu=BacEqwStBO0DlgQ&or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
295335e20be3c34d200a634b7db2581852b69c9c2d80753a669df459558a6567

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.56b31402.1719902500.9485f7d7
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-ljYfH/GeExblDC/Y8jrm3gIRq464L8Li2hLD19hWKKI='; base-uri 'self';report-to csp-endpoint
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E03B
alt-svc
h3=":443"; ma=93600
content-length
1857
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Mon, 01 Jul 2024 13:36:54 GMT
server
Kestrel
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
66831652063846a29e25478444c7e92b
cache-control
public, max-age=396383
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
expires
Sat, 06 Jul 2024 20:48:03 GMT
4zJev3dpmzfHy_t3ZFGlXr0tQ4o.gz.js
r.bing.com/rp/
400 B
877 B
Script
General
Full URL
https://r.bing.com/rp/4zJev3dpmzfHy_t3ZFGlXr0tQ4o.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c6cbb0633c4a64c3ddf59d66d0167478b119b1ae63b1aee85a449ec1b263eeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
93i8ow1nBRqnzYpdj1PqQQ==
akamai-grn
0.56b31402.1719902500.9485f7ef
alt-svc
h3=":443"; ma=93600
content-length
247
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A98D8075
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4e02f62c-401e-00bb-6e33-c2be0e000000
cache-control
public, no-transform, max-age=179714
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 08:36:54 GMT
okEICPKIVqk4DGAl1c7kXieE-9M.gz.js
r.bing.com/rp/
3 KB
2 KB
Script
General
Full URL
https://r.bing.com/rp/okEICPKIVqk4DGAl1c7kXieE-9M.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9062c70fa349e6e953bc7833436fabc098d2371c74627d1bf6565d18a8457781

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
z8/dx0/Rts0mhuHb7nDz5g==
akamai-grn
0.56b31402.1719902500.9485f7d5
alt-svc
h3=":443"; ma=93600
content-length
1193
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 08:45:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0D0186542806
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
15d7a0ce-501e-007c-7c13-c62a53000000
cache-control
public, no-transform, max-age=137357
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 20:50:57 GMT
TSj0Olu98pyCJmMY_0MY_Uva-qk.gz.js
r.bing.com/rp/
6 KB
3 KB
Script
General
Full URL
https://r.bing.com/rp/TSj0Olu98pyCJmMY_0MY_Uva-qk.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c01f1113020ec6201098a6690849ca3df40dcbc0f6fe9c7827fb616bbf8fa05b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
i6e5TNV7pYTEUAgUixhjkw==
akamai-grn
0.56b31402.1719902500.9485f7ee
alt-svc
h3=":443"; ma=93600
content-length
2083
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 18:35:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC62FB0826EF56
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
10812e69-c01e-000c-7cfd-c993a4000000
cache-control
public, no-transform, max-age=178747
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 08:20:47 GMT
FIoeFa6FxBzU35_-5QwyG27du7w.gz.js
r.bing.com/rp/
2 KB
2 KB
Script
General
Full URL
https://r.bing.com/rp/FIoeFa6FxBzU35_-5QwyG27du7w.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d9e102f9e838797794078979641d8dca5dc8512cb428dbbd6c382bc587269bdd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
kjS+f0lrpLdy8Ijj9wTAVg==
akamai-grn
0.56b31402.1719902500.9485f7d2
alt-svc
h3=":443"; ma=93600
content-length
1277
x-ms-lease-status
unlocked
last-modified
Mon, 24 Jun 2024 09:52:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC94336DCB94B5
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a8c00bde-801e-009b-7494-c9c5a9000000
cache-control
public, no-transform, max-age=133899
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 19:53:19 GMT
nIt_N_kpXwbKZc4NbcR2zfSrv0E.gz.js
r.bing.com/rp/
458 B
947 B
Script
General
Full URL
https://r.bing.com/rp/nIt_N_kpXwbKZc4NbcR2zfSrv0E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95afaa120dd81bcdbf0b34d71b457b13e7fd2ac679fadee582f4e081d9edcbe6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
hNev2qP7qHAD2Xn6S+7C+w==
akamai-grn
0.15d01702.1719655899.de5d8aa, 0.56b31402.1719902500.9485f7d1
alt-svc
h3=":443"; ma=93600
content-length
284
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C4290CD9
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4f2aefa8-601e-00bc-4fea-a9d26d000000
cache-control
public, no-transform, max-age=102344
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 11:07:24 GMT
t9AubO8wkPnh48_Y05cOFrDG0FI.gz.js
r.bing.com/rp/
1 KB
1 KB
Script
General
Full URL
https://r.bing.com/rp/t9AubO8wkPnh48_Y05cOFrDG0FI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1adef582c859ed9b4f071cd3196b66ac13503c1346176e78837abccb390249a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
/nw+wIwsX42binh78RCRGg==
akamai-grn
0.56b31402.1719902500.9485f7d3
alt-svc
h3=":443"; ma=93600
content-length
611
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C6763359
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bd27b222-f01e-0028-8032-c76504000000
cache-control
public, no-transform, max-age=260692
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Jul 2024 07:06:32 GMT
dLXNK3o3tyXzkXA3Jj8ciHATOYc.gz.js
r.bing.com/rp/
560 B
895 B
Script
General
Full URL
https://r.bing.com/rp/dLXNK3o3tyXzkXA3Jj8ciHATOYc.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f8fa36ab6505da51bef5521ef84793391be9c16de5abd6bb99c20fe4d1fb48cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
JcCxsBEgq3pSE+SxVIOLFA==
akamai-grn
0.56b31402.1719902500.9485f7cb
alt-svc
h3=":443"; ma=93600
content-length
264
x-ms-lease-status
unlocked
last-modified
Fri, 09 Feb 2024 09:23:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2950CE05A00D
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0f4de173-901e-002e-3020-c556bb000000
cache-control
public, no-transform, max-age=195861
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 13:06:01 GMT
bjrsBgLMT2dt5Ai4Vmi31ydUjAA.gz.js
r.bing.com/rp/
905 B
1 KB
Script
General
Full URL
https://r.bing.com/rp/bjrsBgLMT2dt5Ai4Vmi31ydUjAA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b908d312f517d62b6ecf48bd2fcdd83918e098485fe9be42139aec090775fac6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
BrRigGzvrq8+KRcdQJeGlA==
akamai-grn
0.05d01702.1719105840.39d97810, 0.56b31402.1719902500.9485f7d0
alt-svc
h3=":443"; ma=93600
content-length
509
x-ms-lease-status
unlocked
last-modified
Wed, 21 Jun 2023 19:04:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB728A46B50B3B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ca5aecd1-801e-000d-6745-c1cc78000000
cache-control
public, no-transform, max-age=109200
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 13:01:40 GMT
D2h49Yt54MK5yexhnpgtYV9iFcw.gz.js
r.bing.com/rp/
257 B
831 B
Script
General
Full URL
https://r.bing.com/rp/D2h49Yt54MK5yexhnpgtYV9iFcw.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7edfdddf8032cbff4286cb3ae77e68f478485bd96cbfc0c8a84852415e10a25c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
1wO/3hIL5Tu8UE1KwnRlmg==
akamai-grn
0.56b31402.1719902500.9485f7f7
alt-svc
h3=":443"; ma=93600
content-length
203
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B3BCEE5B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1464409e-a01e-0057-7cff-c8aa9f000000
cache-control
public, no-transform, max-age=69671
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 02:02:51 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
r.bing.com/rp/
1 B
0
Script
General
Full URL
https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AtUQRHwMLfUWfUcUVx5RxQ==
akamai-grn
0.56b31402.1719902500.9485f7ab
alt-svc
h3=":443"; ma=93600
content-length
21
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0A213F0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
34c703b5-601e-002a-4b24-cadbbc000000
cache-control
public, no-transform, max-age=195642
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 13:02:22 GMT
3jZ6ApwZeLbHsqPmm1ZuGUIWN3M.gz.css
r.bing.com/rp/
241 KB
128 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/3jZ6ApwZeLbHsqPmm1ZuGUIWN3M.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/4zJev3dpmzfHy_t3ZFGlXr0tQ4o.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4252cfde4d8de071f9fa0f6adcff3c8413fd3c4d5e158c872210d593631db2f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
tFgbUujLAUkc0AmI1edl4w==
akamai-grn
0.56b31402.1719902500.9485fc98
alt-svc
h3=":443"; ma=93600
content-length
130118
x-ms-lease-status
unlocked
last-modified
Wed, 26 Jun 2024 13:50:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC95E6F71E0994
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
61b488d2-c01e-006e-370b-c85183000000
cache-control
public, no-transform, max-age=353767
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 08:57:47 GMT
vYhrUWJwQuxFDxb-DJDTggEaBl4.gz.css
r.bing.com/rp/
30 B
704 B
Stylesheet
General
Full URL
https://r.bing.com/rp/vYhrUWJwQuxFDxb-DJDTggEaBl4.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/4zJev3dpmzfHy_t3ZFGlXr0tQ4o.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7213c51946975f61ba549e0b3fa83567c854557c673d56c9dddcccab6fdad0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
Z6CK/5uVYFe4GrvtnJzrYg==
akamai-grn
0.02d01702.1719761368.1c892c3c, 0.56b31402.1719902500.9485fca2
alt-svc
h3=":443"; ma=93600
content-length
50
x-ms-lease-status
unlocked
last-modified
Tue, 29 Aug 2023 02:28:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBA837A7A71B1C
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
35ef20c7-d01e-002f-5f2d-c50967000000
cache-control
public, no-transform, max-age=38625
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 17:25:25 GMT
l
tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/
0
450 B
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:165,%22CT%22:170,%22IL%22:1},%22net%22:%22undefined%22}&P=SERP&DA=DUBE01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902500.80fc13a
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUYWlkGqomwM1Fv2ntBvWCeF964wo%2Fz5BjFIGyOqh3rphSgn2fhQETSv356Pr03o92kBmb39LZJWzzXVyoG5YUbHFMfCQ3kWNavpCXFLBQiMQNvblaOyR5ppHG0W4nXBTy6u431l5ilAX0%2F62s5Vds76rDu2wt580zzb8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89cca6c55edbbbf5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
lsp.aspx
tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/
0
458 B
Ping
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/lsp.aspx?
Requested by
Host: r.bing.com
URL: https://r.bing.com/rb/5T/jnc,nj/nh-cbrH5PR-ER51QfBlGhxzAaq4.js?bu=BacEqwStBO0DlgQ&or=w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-Type
text/plain;charset=UTF-8
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902500.80fc136
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mqB%2FjA0vlXmULOif8JjAlDge7BjCPGV4dVX1Og1XCyUmWpNzbUesDXHGP%2F6lAUHjnSQcpplVyUV1%2BnYs4hNE7H3d2SZ%2FUVIlaQJ86WBSfzJ6zv%2B7Kq%2BNdrxx36Rf%2B3e98nOcyReM2d2zila2BMx3ekrTuM21TA9UIpowZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89cca6c55edfbbf5-FRA
alt-svc
h3=":443"; ma=86400
Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/
19 KB
8 KB
Script
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/oJtq_u9TBV7TshzGOx6yvnobEEU.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4df84d46da7cc013cf9fb07433c6bc40d75f00121993ad51036fcdcdd145bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
sDXiQ3uFrwXeIPSX85ZrdQ==
akamai-grn
0.3bd01702.1719889263.1e678cd2
alt-svc
h3=":443"; ma=86400
content-length
7447
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 14:14:41 GMT
server
cloudflare
x-cdn-traceid
0.0dd01702.1719902500.ab77895
etag
0x8DC863301DC4450
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e5bc6efa-e01e-001b-395c-b83aaf000000
cache-control
public, no-transform, max-age=161535
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89cca6c55ee0bbf5-FRA
timing-allow-origin
*
expires
Wed, 03 Jul 2024 23:53:18 GMT
favicon-trans-bg-blue-mg-png.png
tt2-plain-bonus-108a.oiudasi6.workers.dev/sa/simg/
531 B
1 KB
Other
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/sa/simg/favicon-trans-bg-blue-mg-png.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5bb9ca2fa67fe7851d145305e17a8370c4aec9d09f54e0920d32f6148f12fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:40 GMT
cf-cache-status
MISS
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-QTajW+dnoTMJ6otUHKyLyIN8j5tM8vTBtek32PwA5Mo='; base-uri 'self';report-to csp-endpoint
alt-svc
h3=":443"; ma=86400
content-length
531
last-modified
Mon, 01 Jan 1601 00:00:00 GMT
server
cloudflare
x-cdn-traceid
0.05d01702.1719902500.1e624e79
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
image/png
x-eventid
647302c802e1474dbbcf3eed146fb307
cache-control
public, max-age=15552000
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
accept-ranges
bytes
cf-ray
89cca6c56ee6bbf5-FRA
zhTN3mRvIUl6DeUkf-ScDREqMqI.gz.js
r.bing.com/rp/
546 B
927 B
XHR
General
Full URL
https://r.bing.com/rp/zhTN3mRvIUl6DeUkf-ScDREqMqI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fd5483ad8cc2e5851b4d4f1826b693b21129352d41ab1a4a15e6d5fe938b95e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
BiKkqECF9mWw9gBZONrSaA==
akamai-grn
0.56b31402.1719902500.9485fdee
alt-svc
h3=":443"; ma=93600
content-length
297
x-ms-lease-status
unlocked
last-modified
Sun, 02 Jun 2024 10:24:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC82EE21D8E5B1
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d2d1f985-201e-0049-2975-b74647000000
cache-control
public, no-transform, max-age=87903
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:06:43 GMT
sajeqQ-o1FtvXD1tFQh-v8BIIIE.gz.js
r.bing.com/rp/
674 B
970 B
XHR
General
Full URL
https://r.bing.com/rp/sajeqQ-o1FtvXD1tFQh-v8BIIIE.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3e371f38691430d58c417a3ccb0c9fb4f9f7ed8e92321c42d2cf6b680fb349f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
W9q7aEQ/craXMZrOKr4pew==
akamai-grn
0.56b31402.1719902500.9485fdf3
alt-svc
h3=":443"; ma=93600
content-length
340
x-ms-lease-status
unlocked
last-modified
Sun, 02 Jun 2024 10:24:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC82EE21E3FCC9
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
37d233d1-201e-002b-5228-b58460000000
cache-control
public, no-transform, max-age=335325
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 03:50:25 GMT
38IytkyyqfebMB5Vaub6CKZcfeA.gz.js
r.bing.com/rp/
2 KB
2 KB
XHR
General
Full URL
https://r.bing.com/rp/38IytkyyqfebMB5Vaub6CKZcfeA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e05d916cf22b37cc2b463d1780c82db47cef51a1dfc4b381a2cd9f6af9fbced0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
v74zyw/72Z4o6aI3K1bGhQ==
akamai-grn
0.56b31402.1719902500.9485fdf4
alt-svc
h3=":443"; ma=93600
content-length
909
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76AA6A3E72
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3ab513f8-301e-007a-17c4-bf19ec000000
cache-control
public, no-transform, max-age=156613
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 02:11:53 GMT
OFlvso_bX_NngxloPyyJjfkYZ4M.gz.js
r.bing.com/rp/
37 KB
12 KB
XHR
General
Full URL
https://r.bing.com/rp/OFlvso_bX_NngxloPyyJjfkYZ4M.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
ZIM4k9L+MXGBYJdHEBrVyw==
akamai-grn
0.b6257e68.1719809100.4e091ac9, 0.56b31402.1719902500.9485fdf5
alt-svc
h3=":443"; ma=93600
content-length
11722
x-ms-lease-status
unlocked
last-modified
Tue, 07 May 2024 17:04:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC6EB7CBBB26C4
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
897c22c4-501e-00c5-76d5-c32e49000000
cache-control
public, no-transform, max-age=95401
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 09:11:41 GMT
2btleEXVAqzWmhWmb55mfOm2g1E.gz.js
r.bing.com/rp/
310 KB
66 KB
XHR
General
Full URL
https://r.bing.com/rp/2btleEXVAqzWmhWmb55mfOm2g1E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
KSPDBiVoZAYaEeQmhB/ESg==
akamai-grn
0.26257e68.1719680216.3e8fc59, 0.56b31402.1719902500.9485fdfe
alt-svc
h3=":443"; ma=93600
content-length
66418
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A6226EE7
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8ff602ff-a01e-0047-33b7-bb6ff7000000
cache-control
public, no-transform, max-age=138523
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 21:10:23 GMT
F9lIcAfSHR6GC4zltZTgRR6QPuk.gz.js
r.bing.com/rp/
13 KB
5 KB
XHR
General
Full URL
https://r.bing.com/rp/F9lIcAfSHR6GC4zltZTgRR6QPuk.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
dZKlx+3GUZcThHkxca+g+w==
akamai-grn
0.3bd01702.1719625078.10bea4ff, 0.56b31402.1719902500.9485fe04
alt-svc
h3=":443"; ma=93600
content-length
4904
x-ms-lease-status
unlocked
last-modified
Fri, 28 Jun 2024 18:20:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC979F05C9A365
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1b0b5258-d01e-0062-24b5-c9c68b000000
cache-control
public, no-transform, max-age=147942
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 23:47:22 GMT
jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
r.bing.com/rp/
367 KB
138 KB
XHR
General
Full URL
https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
167259fb3f3e87f61085929764418fdb7f8f92f079ff57483aad9c977823d6df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
+qi8eLApoGIomazm/SUR7Q==
akamai-grn
0.05d01702.1719515861.85e097b, 0.56b31402.1719902500.9485fe0a
alt-svc
h3=":443"; ma=93600
content-length
140543
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 09:18:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC968A183B3513
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
051b28a9-e01e-000b-08c2-c8ffc7000000
cache-control
public, no-transform, max-age=43434
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 18:45:34 GMT
u7YJKAAtuh0wKEb3fFHJMq04qUs.gz.js
r.bing.com/rp/
561 B
906 B
XHR
General
Full URL
https://r.bing.com/rp/u7YJKAAtuh0wKEb3fFHJMq04qUs.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
ji/AlYPinXLcWyszoLYLPw==
akamai-grn
0.56b31402.1719902500.9485fe0b
alt-svc
h3=":443"; ma=93600
content-length
276
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C3C8E24F
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2a80065b-101e-003e-128c-98d255000000
cache-control
public, no-transform, max-age=344440
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 06:22:20 GMT
4rFaDZMNzBHws4yVseaNHKgzTXM.gz.js
r.bing.com/rp/
552 KB
89 KB
XHR
General
Full URL
https://r.bing.com/rp/4rFaDZMNzBHws4yVseaNHKgzTXM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
d+ibHJVDA6iqZa4Q4YwbUQ==
akamai-grn
0.15d01702.1719185923.515ef3b, 0.56b31402.1719902500.9485fe33
alt-svc
h3=":443"; ma=93600
content-length
90261
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 22:29:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC1D2BE0FAAE98
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2acf85f1-201e-003b-2db9-c04108000000
cache-control
public, no-transform, max-age=91063
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:59:23 GMT
eWL1v5ra6WZo7eNTsT5-6vAcI8E.gz.js
r.bing.com/rp/
3 KB
2 KB
XHR
General
Full URL
https://r.bing.com/rp/eWL1v5ra6WZo7eNTsT5-6vAcI8E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0977ef68c1c4dd7f6759e2c9d200eb67490cd578a3013065a1aa43c893658cae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 20:50:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
MDoCy43ti82PyLe8G35Mkw==
akamai-grn
0.7c257e68.1719547366.479641d6, 0.1ed854b8.1719902500.42494b54
alt-svc
h3=":443"; ma=93600
content-length
1526
x-ms-lease-status
unlocked
last-modified
Tue, 13 Feb 2024 01:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2C327D011BC2
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b2245b2a-701e-004a-160c-9ae6a5000000
cache-control
public, no-transform, max-age=50909
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
r.bing.com/rp/
1 B
0
XHR
General
Full URL
https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AtUQRHwMLfUWfUcUVx5RxQ==
akamai-grn
0.56b31402.1719902500.9485f7ab
alt-svc
h3=":443"; ma=93600
content-length
21
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0A213F0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
34c703b5-601e-002a-4b24-cadbbc000000
cache-control
public, no-transform, max-age=195642
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 13:02:22 GMT
peNl4yUB4P3PwDM4J7NWGzi8hKM.gz.js
r.bing.com/rp/
1 KB
655 B
XHR
General
Full URL
https://r.bing.com/rp/peNl4yUB4P3PwDM4J7NWGzi8hKM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 17:52:35 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
rIypxcrnEXVi9Geg/fbGrA==
akamai-grn
0.1ed854b8.1719902500.42494bd3
alt-svc
h3=":443"; ma=93600
content-length
622
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 10:04:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBF0C29E9A35AA
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bae50d2f-b01e-005b-012f-c13d97000000
cache-control
public, no-transform, max-age=385855
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
pxzfjFIjWTDQikh0A5aT_cguYyc.js
r.bing.com/rs/6r/lz/nj/
559 B
426 B
XHR
General
Full URL
https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
543f13a90187beb6441890f93979f00b8efac566716c71d465ee731ba21b7d26

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 20:27:09 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494bdc
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-rGw2AxSgPMoms7sQHvbQHsg5cVUxaV/Xp0bGYdGZm4w='; base-uri 'self';report-to csp-endpoint
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E0D7
alt-svc
h3=":443"; ma=93600
content-length
389
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Mon, 24 Jun 2024 00:14:10 GMT
server
Kestrel
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
667944e96b6942218368255406367c66
cache-control
public, max-age=135929
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
EmG-XMIMCcq8zmcVBBO7jkFERAE.js
r.bing.com/rs/6r/lN/nj/
655 B
475 B
XHR
General
Full URL
https://r.bing.com/rs/6r/lN/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
2d4a25ad08e943d4ea3f7fa7c1b17350ef6759b8c99fac2501f9b1920f2e9b48

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 10:06:56 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494be6
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E009
alt-svc
h3=":443"; ma=93600
content-length
440
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Sat, 29 Jun 2024 01:13:19 GMT
server
Kestrel
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
667fdca5d1b54847bb3ad2cec78c8111
cache-control
public, max-age=185116
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
WcjdZpA0BrxQaj0DlAkYkwnWs_o.gz.js
r.bing.com/rp/
6 KB
3 KB
XHR
General
Full URL
https://r.bing.com/rp/WcjdZpA0BrxQaj0DlAkYkwnWs_o.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f587ba921cf977c6fa590097a5f5b2955737d346225fb0fab0238f8e68c32ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 17:51:19 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
n/E0j4dFAUzCa1i/w6Ml/w==
akamai-grn
0.09d01702.1719898078.f035d73, 0.1ed854b8.1719902500.42494be7
alt-svc
h3=":443"; ma=93600
content-length
2546
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 15:52:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC37AC1BE1204F
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
dd6b611c-801e-006f-491a-c50e5f000000
cache-control
public, no-transform, max-age=40179
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
N0NZj2UoTgAcpHMO-3FYmE5C7G4.gz.js
r.bing.com/rp/
257 B
195 B
XHR
General
Full URL
https://r.bing.com/rp/N0NZj2UoTgAcpHMO-3FYmE5C7G4.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 07:09:55 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
Fsl7AHL1UDrd0rg5v5ti+A==
akamai-grn
0.1ed854b8.1719902500.42494be8
alt-svc
h3=":443"; ma=93600
content-length
160
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76AE53B5FB
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5c407ff9-801e-000d-0b7c-bdcc78000000
cache-control
public, no-transform, max-age=88095
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
iuYNUHE3kZrz6Jrb0_Mf0yBFZN0.gz.js
r.bing.com/rp/
438 B
222 B
XHR
General
Full URL
https://r.bing.com/rp/iuYNUHE3kZrz6Jrb0_Mf0yBFZN0.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0902692225cf325455e896941a7def89a27e00efe6f30bea60f1ecf9d9651483

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 18:04:16 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
DFwmXhYhry0BxM0oTHpLCQ==
akamai-grn
0.1ed854b8.1719902500.42494be9
alt-svc
h3=":443"; ma=93600
content-length
181
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BB696D3B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7b9383bb-601e-003a-7b32-ba1ed4000000
cache-control
public, no-transform, max-age=386556
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
8srl0LOx92Ew0yyAq2m2e33cq7I.gz.js
r.bing.com/rp/
426 B
304 B
XHR
General
Full URL
https://r.bing.com/rp/8srl0LOx92Ew0yyAq2m2e33cq7I.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 07:51:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
v7tZ/ztkya0GBN4voj+crw==
akamai-grn
0.02d01702.1719804032.1ea27bba, 0.1ed854b8.1719902500.42494bea
alt-svc
h3=":443"; ma=93600
content-length
259
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A743B126
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e8b836ae-e01e-000b-155e-b9ffc7000000
cache-control
public, no-transform, max-age=263369
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
Mt62GUgrdySmO3Hz6WvsY51OVCM.gz.js
r.bing.com/rp/
423 B
335 B
XHR
General
Full URL
https://r.bing.com/rp/Mt62GUgrdySmO3Hz6WvsY51OVCM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 06:41:40 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
nRjeKHDCzIA360jfIiZTGA==
akamai-grn
0.02d01702.1718569902.1e97806a, 0.1ed854b8.1719902500.42494beb
alt-svc
h3=":443"; ma=93600
content-length
290
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B2849499
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
554ad7ab-301e-00b1-6602-c01ab9000000
cache-control
public, no-transform, max-age=259200
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
UftY3H8sJrNnIZTpnss0J5hwE5Y.gz.js
r.bing.com/rp/
734 B
533 B
XHR
General
Full URL
https://r.bing.com/rp/UftY3H8sJrNnIZTpnss0J5hwE5Y.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95f4d78a736829fc67ad4f9e2cb530ba1295468cb815e1a7df3b7836b26a34b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 05:54:17 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
b1iDSpKzo5FD/erahL61OQ==
akamai-grn
0.1ed854b8.1719902500.42494c18
alt-svc
h3=":443"; ma=93600
content-length
489
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BAA6D0BF
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
57bef37c-801e-00b4-8083-bec862000000
cache-control
public, no-transform, max-age=83557
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
jhk_5I4f9VeUBzSlHc_enKyc3Ko.gz.js
r.bing.com/rp/
938 B
556 B
XHR
General
Full URL
https://r.bing.com/rp/jhk_5I4f9VeUBzSlHc_enKyc3Ko.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 04:58:36 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IJYKxTXJToOmhJu5Y+Ge9g==
akamai-grn
0.1ed854b8.1719902500.42494c19
alt-svc
h3=":443"; ma=93600
content-length
512
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BC23FC67
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3b04cc9-401e-002d-4b17-c9b7df000000
cache-control
public, no-transform, max-age=80216
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
yjXVFOxf6UdoTA2BOwEH6n4ClfI.gz.js
r.bing.com/rp/
1 KB
782 B
XHR
General
Full URL
https://r.bing.com/rp/yjXVFOxf6UdoTA2BOwEH6n4ClfI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 19:30:13 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IdwtZGA9MByocbZXe9uLtg==
akamai-grn
0.1ed854b8.1719902500.42494c1a
alt-svc
h3=":443"; ma=93600
content-length
738
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C8CAA4A3
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8af836a8-e01e-0056-1523-cbf543000000
cache-control
public, no-transform, max-age=305313
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ihC7RhTVhw2ULO_1rMUWydIu_rA.gz.js
r.bing.com/rp/
2 KB
880 B
XHR
General
Full URL
https://r.bing.com/rp/ihC7RhTVhw2ULO_1rMUWydIu_rA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 05:15:45 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
1TXsxNVn3RseZNq3n6BUeA==
akamai-grn
0.1ed01702.1719738455.a3b8b77, 0.1ed854b8.1719902500.42494c1b
alt-svc
h3=":443"; ma=93600
content-length
835
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C150BD63
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d23bf597-a01e-0047-5d57-b26ff7000000
cache-control
public, no-transform, max-age=81245
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
3kaLdUGF8ruB6UiNcDOjP75mSAM.gz.js
r.bing.com/rp/
287 B
287 B
XHR
General
Full URL
https://r.bing.com/rp/3kaLdUGF8ruB6UiNcDOjP75mSAM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
217acb853dc6e85c93c8bfa3a6c1d75a921a431db1a84cc6bc7e7afd38bf4ad9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 09:08:41 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
HSdqV/OsLFjS8rv4RIZumg==
akamai-grn
0.20d01702.1719472682.10917f9, 0.1ed854b8.1719902500.42494c1c
alt-svc
h3=":443"; ma=93600
content-length
242
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A881D0DC
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6d34d117-e01e-0067-2384-5055d6000000
cache-control
public, no-transform, max-age=95221
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
cJksCHwhB_Z32I0ytWPMUDsybak.gz.js
r.bing.com/rp/
226 B
222 B
XHR
General
Full URL
https://r.bing.com/rp/cJksCHwhB_Z32I0ytWPMUDsybak.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 16:57:34 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
bN4C0ra+ctbnBbTcyL619g==
akamai-grn
0.1ed854b8.1719902500.42494c1d
alt-svc
h3=":443"; ma=93600
content-length
178
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BE181C6A
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3a6aa14-601e-0077-0b85-c7d138000000
cache-control
public, no-transform, max-age=296154
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
PgVOrYqTvqK49IEnVEVlZVYfA1U.gz.js
r.bing.com/rp/
576 B
437 B
XHR
General
Full URL
https://r.bing.com/rp/PgVOrYqTvqK49IEnVEVlZVYfA1U.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 06:09:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
GEN21UcxZJtjS9dUSwGqSA==
akamai-grn
0.1ed854b8.1719902500.42494c1e
alt-svc
h3=":443"; ma=93600
content-length
393
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BA68ADFF
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8e7dd81e-b01e-0037-4da9-9b9786000000
cache-control
public, no-transform, max-age=343649
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
njelUYNJ9xk_aIzI9GKLCNIsxD8.gz.js
r.bing.com/rp/
328 B
267 B
XHR
General
Full URL
https://r.bing.com/rp/njelUYNJ9xk_aIzI9GKLCNIsxD8.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 09:21:32 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
aWD4XETGiFm1C1Ea/JadzQ==
akamai-grn
0.15d01702.1717911099.37bbf6c3, 0.3dd01702.1719642934.d51e395, 0.1ed854b8.1719902500.42494c1f
alt-svc
h3=":443"; ma=93600
content-length
221
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C37A7E1D
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a2fb6335-001e-005e-48b7-a5ef4c000000
cache-control
public, no-transform, max-age=182392
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
BmRJAuTc8UgOeXgJh_NIObAa5HE.gz.js
r.bing.com/rp/
391 B
318 B
XHR
General
Full URL
https://r.bing.com/rp/BmRJAuTc8UgOeXgJh_NIObAa5HE.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
342c3dd52a8a456f53093671d8d91f7af5b3299d72d60edb28e4f506368c6467

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 04:09:44 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AMzTpWxqysnsqB3a4Wv0UA==
akamai-grn
0.1ed854b8.1719902500.42494c20
alt-svc
h3=":443"; ma=93600
content-length
274
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0E9EFD0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
edc3ad21-701e-006b-7344-c68358000000
cache-control
public, no-transform, max-age=163684
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
pXVzgohStRjQefcwyp3z6bhIArA.gz.js
r.bing.com/rp/
924 B
553 B
XHR
General
Full URL
https://r.bing.com/rp/pXVzgohStRjQefcwyp3z6bhIArA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 20:50:08 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
x+G+lCZu47Kw0twNFcZMOg==
akamai-grn
0.16d01702.1719161845.20626d72, 0.36d01702.1719559741.9af4e9a, 0.1ed854b8.1719902500.42494c21
alt-svc
h3=":443"; ma=93600
content-length
507
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C2B87D41
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9ce66a54-a01e-008c-7807-b46ca2000000
cache-control
public, no-transform, max-age=310108
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
kzHfYwAwahpHm-ZU7kDOHkFbADU.gz.js
r.bing.com/rp/
3 KB
2 KB
XHR
General
Full URL
https://r.bing.com/rp/kzHfYwAwahpHm-ZU7kDOHkFbADU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 23:25:40 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
VXQKTAHYa3rUIFPlZfmQpQ==
akamai-grn
0.30d01702.1719564470.618809c, 0.1ed854b8.1719902500.42494c22
alt-svc
h3=":443"; ma=93600
content-length
1541
x-ms-lease-status
unlocked
last-modified
Wed, 21 Jun 2023 19:04:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB728A4B281ABB
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
494915e8-101e-00a6-0542-b3b3b2000000
cache-control
public, no-transform, max-age=60240
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
GK9SuRKiu0QbKYnVgoAlgmuWrNU.gz.js
r.bing.com/rp/
2 KB
1 KB
XHR
General
Full URL
https://r.bing.com/rp/GK9SuRKiu0QbKYnVgoAlgmuWrNU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 18:06:48 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
NAaNjvwmKkp0KjjfVNG3Rw==
akamai-grn
0.1ed854b8.1719902500.42494c82
alt-svc
h3=":443"; ma=93600
content-length
1240
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B1740888
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0301a466-401e-0084-4a03-a676ad000000
cache-control
public, no-transform, max-age=300308
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz.js
r.bing.com/rp/
1 KB
715 B
XHR
General
Full URL
https://r.bing.com/rp/5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 13:23:52 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IKmyoFF07l5ynRvHLd3rsg==
akamai-grn
0.0cd01702.1716549247.4a28c2a, 0.05d01702.1719804259.18a978f2, 0.1ed854b8.1719902500.42494c83
alt-svc
h3=":443"; ma=93600
content-length
660
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 20:52:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0D671E09193E
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4350894b-801e-001d-4ed9-ac0910000000
cache-control
public, no-transform, max-age=196932
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
nt6a1ZR520utsLoZmSYgwxdOPgI.js
r.bing.com/rs/6r/xg/nj/
606 B
451 B
XHR
General
Full URL
https://r.bing.com/rs/6r/xg/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 23:28:27 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494c84
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-MT8cPrk+2w+1OvPF5WSF+7uRnQimbK2jf8xcnpnE6Q0='; base-uri 'self';report-to csp-endpoint
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E080
alt-svc
h3=":443"; ma=93600
content-length
399
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Mon, 01 Apr 2024 12:01:59 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
6681ea8c8e9e4ed49d2fe83c11aeaac2
cache-control
public, max-age=319607
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
byLmVJQA1UzOFcrs9Jrvys4jXhM.gz.js
r.bing.com/rp/
2 KB
841 B
XHR
General
Full URL
https://r.bing.com/rp/byLmVJQA1UzOFcrs9Jrvys4jXhM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 07:06:45 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
u0qbDsT+ibh0C2GP7wsf/A==
akamai-grn
0.1ed854b8.1719902500.42494c85
alt-svc
h3=":443"; ma=93600
content-length
786
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 19:38:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2D9476926B98
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3be349b7-a01e-0047-1a69-c66ff7000000
cache-control
public, no-transform, max-age=174305
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ARoBVs97L6Gwx5KgtPU1a1RcF6s.gz.js
r.bing.com/rp/
33 KB
7 KB
XHR
General
Full URL
https://r.bing.com/rp/ARoBVs97L6Gwx5KgtPU1a1RcF6s.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d790381800ec6ddb18f82658ff2515866a1e3e470b926d46dd8b46ffffa7403

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 01:47:43 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
CPOksKq/D1ZRdIwlWVmRYw==
akamai-grn
0.21ff1302.1718790895.e883112, 0.17ff1302.1719557078.78d36d84, 0.1ed854b8.1719902500.42494c86
alt-svc
h3=":443"; ma=93600
content-length
6892
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 01:33:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7B918CDEAA50
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c3b0543f-d01e-005d-49c8-c00e28000000
cache-control
public, no-transform, max-age=155163
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
SO02eTikN8ZV7bCSXFKur4CKSoQ.gz.js
r.bing.com/rp/
242 B
216 B
XHR
General
Full URL
https://r.bing.com/rp/SO02eTikN8ZV7bCSXFKur4CKSoQ.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 19:32:19 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
uJ47yL0Sp1fVl3nUOL3X8g==
akamai-grn
0.1ed854b8.1719902500.42494c87
alt-svc
h3=":443"; ma=93600
content-length
160
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jun 2023 10:30:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6678FE41854B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7411e18c-101e-0089-4347-c3be79000000
cache-control
public, no-transform, max-age=219039
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
zhTN3mRvIUl6DeUkf-ScDREqMqI.gz.js
r.bing.com/rp/
546 B
0
Script
General
Full URL
https://r.bing.com/rp/zhTN3mRvIUl6DeUkf-ScDREqMqI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fd5483ad8cc2e5851b4d4f1826b693b21129352d41ab1a4a15e6d5fe938b95e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
BiKkqECF9mWw9gBZONrSaA==
akamai-grn
0.56b31402.1719902500.9485fdee
alt-svc
h3=":443"; ma=93600
content-length
297
x-ms-lease-status
unlocked
last-modified
Sun, 02 Jun 2024 10:24:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC82EE21D8E5B1
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d2d1f985-201e-0049-2975-b74647000000
cache-control
public, no-transform, max-age=87903
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:06:43 GMT
sajeqQ-o1FtvXD1tFQh-v8BIIIE.gz.js
r.bing.com/rp/
674 B
0
Script
General
Full URL
https://r.bing.com/rp/sajeqQ-o1FtvXD1tFQh-v8BIIIE.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3e371f38691430d58c417a3ccb0c9fb4f9f7ed8e92321c42d2cf6b680fb349f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
W9q7aEQ/craXMZrOKr4pew==
akamai-grn
0.56b31402.1719902500.9485fdf3
alt-svc
h3=":443"; ma=93600
content-length
340
x-ms-lease-status
unlocked
last-modified
Sun, 02 Jun 2024 10:24:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC82EE21E3FCC9
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
37d233d1-201e-002b-5228-b58460000000
cache-control
public, no-transform, max-age=335325
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 03:50:25 GMT
38IytkyyqfebMB5Vaub6CKZcfeA.gz.js
r.bing.com/rp/
2 KB
0
Script
General
Full URL
https://r.bing.com/rp/38IytkyyqfebMB5Vaub6CKZcfeA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e05d916cf22b37cc2b463d1780c82db47cef51a1dfc4b381a2cd9f6af9fbced0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
v74zyw/72Z4o6aI3K1bGhQ==
akamai-grn
0.56b31402.1719902500.9485fdf4
alt-svc
h3=":443"; ma=93600
content-length
909
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76AA6A3E72
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3ab513f8-301e-007a-17c4-bf19ec000000
cache-control
public, no-transform, max-age=156613
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 02:11:53 GMT
OFlvso_bX_NngxloPyyJjfkYZ4M.gz.js
r.bing.com/rp/
37 KB
0
Script
General
Full URL
https://r.bing.com/rp/OFlvso_bX_NngxloPyyJjfkYZ4M.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
ZIM4k9L+MXGBYJdHEBrVyw==
akamai-grn
0.b6257e68.1719809100.4e091ac9, 0.56b31402.1719902500.9485fdf5
alt-svc
h3=":443"; ma=93600
content-length
11722
x-ms-lease-status
unlocked
last-modified
Tue, 07 May 2024 17:04:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC6EB7CBBB26C4
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
897c22c4-501e-00c5-76d5-c32e49000000
cache-control
public, no-transform, max-age=95401
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 09:11:41 GMT
5ece65c0-5646-4120-b482-d5a2e18d69bc
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
123 B
0
Script
General
Full URL
blob:https://tt2-plain-bonus-108a.oiudasi6.workers.dev/5ece65c0-5646-4120-b482-d5a2e18d69bc
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/OFlvso_bX_NngxloPyyJjfkYZ4M.gz.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc39d0c622e84271970c572740e2c597871f51dc8195e1aa942368cb5c2aaf58

Request headers

Referer
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
123
Content-Type
text/javascript
2btleEXVAqzWmhWmb55mfOm2g1E.gz.js
r.bing.com/rp/
310 KB
0
Script
General
Full URL
https://r.bing.com/rp/2btleEXVAqzWmhWmb55mfOm2g1E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
KSPDBiVoZAYaEeQmhB/ESg==
akamai-grn
0.26257e68.1719680216.3e8fc59, 0.56b31402.1719902500.9485fdfe
alt-svc
h3=":443"; ma=93600
content-length
66418
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A6226EE7
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8ff602ff-a01e-0047-33b7-bb6ff7000000
cache-control
public, no-transform, max-age=138523
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 21:10:23 GMT
78f8b6de-744f-43c3-a221-c95b383a2aef
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
27 B
0
Script
General
Full URL
blob:https://tt2-plain-bonus-108a.oiudasi6.workers.dev/78f8b6de-744f-43c3-a221-c95b383a2aef
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e62f15d7a4562d68e7b0fbfb8b97cdfa32463b7f548837b30a546301f44bb34

Request headers

Referer
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
27
Content-Type
text/javascript
F9lIcAfSHR6GC4zltZTgRR6QPuk.gz.js
r.bing.com/rp/
13 KB
0
Script
General
Full URL
https://r.bing.com/rp/F9lIcAfSHR6GC4zltZTgRR6QPuk.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
dZKlx+3GUZcThHkxca+g+w==
akamai-grn
0.3bd01702.1719625078.10bea4ff, 0.56b31402.1719902500.9485fe04
alt-svc
h3=":443"; ma=93600
content-length
4904
x-ms-lease-status
unlocked
last-modified
Fri, 28 Jun 2024 18:20:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC979F05C9A365
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1b0b5258-d01e-0062-24b5-c9c68b000000
cache-control
public, no-transform, max-age=147942
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 23:47:22 GMT
e5e36fb5-0917-49f4-a0a9-d03117abb033
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
11 B
0
Script
General
Full URL
blob:https://tt2-plain-bonus-108a.oiudasi6.workers.dev/e5e36fb5-0917-49f4-a0a9-d03117abb033
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: blob:https://tt2-plain-bonus-108a.oiudasi6.workers.dev/78f8b6de-744f-43c3-a221-c95b383a2aef
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
553d0321189b23dba5f3670ea4bdb552dce0ebb1a3201e3b094e3f04cf08a7fe

Request headers

Referer
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
11
Content-Type
text/javascript
jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
r.bing.com/rp/
367 KB
0
Script
General
Full URL
https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
167259fb3f3e87f61085929764418fdb7f8f92f079ff57483aad9c977823d6df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
+qi8eLApoGIomazm/SUR7Q==
akamai-grn
0.05d01702.1719515861.85e097b, 0.56b31402.1719902500.9485fe0a
alt-svc
h3=":443"; ma=93600
content-length
140543
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 09:18:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC968A183B3513
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
051b28a9-e01e-000b-08c2-c8ffc7000000
cache-control
public, no-transform, max-age=43434
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 02 Jul 2024 18:45:34 GMT
u7YJKAAtuh0wKEb3fFHJMq04qUs.gz.js
r.bing.com/rp/
561 B
0
Script
General
Full URL
https://r.bing.com/rp/u7YJKAAtuh0wKEb3fFHJMq04qUs.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
ji/AlYPinXLcWyszoLYLPw==
akamai-grn
0.56b31402.1719902500.9485fe0b
alt-svc
h3=":443"; ma=93600
content-length
276
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C3C8E24F
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2a80065b-101e-003e-128c-98d255000000
cache-control
public, no-transform, max-age=344440
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 06 Jul 2024 06:22:20 GMT
truncated
/
478 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a267f0e8e6ed42476777f455a879cb8c21cce3b62801fe3ee0f1a057dd8efaf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
176 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feaaaeec0e4b14692fbafac182198f3af83a44265b8659eac94b23222644c00b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
carousel
tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/
20 KB
5 KB
Fetch
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/carousel?&format=json&ecount=20&efirst=0&&
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1331a9a683f6d8af59e4674c39289ce88a688fb68ebb74bbc3a1bc502b8099

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-cJ0UE2862nNzpXT4sOO/ibw5BeNx+Pu0bcroaZCrRGw='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
content-length
3853
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee818a1
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
application/json; charset=utf-8
x-eventid
6683a125b4ec433faf2d5e80f9361091
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6c95b29bbf5-FRA
model
tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/
26 KB
11 KB
Fetch
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/model
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9847af03b88766051ce18de4d71c1462ba9eb57be45845af598b0145ff97b7e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-dE5LI7v489crw9gevnfX41bPAI307Flnkj/EAD2n42U='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
content-length
9271
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee818b3
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
application/json; charset=utf-8
x-eventid
6683a125cd534a49b6e65264b43656e7
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6c96b41bbf5-FRA
widget-initializer.js
assets.msn.com/bundles/v1/bingHomepage/latest/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

4rFaDZMNzBHws4yVseaNHKgzTXM.gz.js
r.bing.com/rp/
552 KB
0
Script
General
Full URL
https://r.bing.com/rp/4rFaDZMNzBHws4yVseaNHKgzTXM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
d+ibHJVDA6iqZa4Q4YwbUQ==
akamai-grn
0.15d01702.1719185923.515ef3b, 0.56b31402.1719902500.9485fe33
alt-svc
h3=":443"; ma=93600
content-length
90261
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 22:29:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC1D2BE0FAAE98
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2acf85f1-201e-003b-2db9-c04108000000
cache-control
public, no-transform, max-age=91063
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 03 Jul 2024 07:59:23 GMT
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

momentsintime
tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/
92 B
2 KB
Fetch
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/momentsintime?format=json&ssd=20240701_0700&
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a74e6f08fcd7361596c75310cdec58592ada508b955a71f8353f85e27cdb13b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-eYXmN/HaaJ7q6uT8uOU3nBC42MdFHlHPzsbQ2cU9QI8='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
content-length
97
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.07d01702.1719902501.c8d578c
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
application/json; charset=utf-8
x-eventid
6683a1250c434ab5b745cfa1a54c2285
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6ca9c94bbf5-FRA
imagegallery
tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/
12 KB
6 KB
Fetch
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/hp/api/v1/imagegallery?format=json&ssd=20240701_0700&
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/jJe9r2khHDSpZ_YVzn0Vhh5TWgM.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84ccee33a79b925dbf871d4560edea3d47f474a390e8bb433d9892bb39dd993

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/json
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-GPqizNx/CDFI+NBtAteDRWODoD0eVY5GTuUgtBJYXcY='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
content-length
4461
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.09d01702.1719902501.f30a0f0
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
application/json; charset=utf-8
x-eventid
6683a125f670405381b5f6ad53f42300
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6ca9c97bbf5-FRA
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
237 KB
237 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.FisgardLighthouse_ROW4028957094_1920x1080.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7f31adb22e67432d230afc9b1060a3fa83bac5688a58483ec8f3de310cd8b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
242268
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902501.80fc39c
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6caaca2bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
5 KB
5 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_9ACBE3951C5CF89FDB687690AFC09236&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88dc47217c6cd40e4779961b9aad8327bd32c2723d8e518f63e10191a44664d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
4615
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e625318
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd08bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_2F25C59D62AD8BC97906E61E85A49D17&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c12964a45a9ac93edc9cffd139bbef4fcc5031baa64fd4ef343eb1fd78c73c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6015
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4a6
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd0abbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_845D4504C2E8A20A128288E52BCA53DB&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1ea3d6f3e30e3100cdbc4c23e1d44fed626befd9208ff250d30314a90e66d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6331
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee81a41
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd10bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_0CFC963CA6C689609F7F501633AB584B&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f7e3795b60b732ce552ea1b513918ffad7f392059ba44fc1f953276a2851583

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
5880
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4aa
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd1abbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
4 KB
5 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_5605A98326AB0EF32404485DEE888AE4&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4460184a4c7d8395c7d228d4f02268c9c2d28494f0c985b48d6691d72d008cb9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
4502
server
cloudflare
x-cdn-traceid
0.09d01702.1719902501.f30a114
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd1bbbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
4 KB
5 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_2E70BA45FD5A66416E26CD3117DDA424&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa78cdd1bf71a08eed4dde4e72b42415cf5357d4e604c5091d82ce8e5c7e774f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
4414
server
cloudflare
x-cdn-traceid
0.07d01702.1719902501.c8d582f
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd1ebbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
7 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_0004F064BF4EDEDA94889F411859B691&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161f867ac6d892f67ccef488c16ea0cbc6cf56fb6ebf78d3f9c6f66d17780796

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6810
server
cloudflare
x-cdn-traceid
0.07d01702.1719902501.c8d5828
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd1fbbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
7 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_999EAD972E3267D1B41C76DCA0D1251F&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b0586664bbcd2dc7996457b38a68a70b938d3bc4efc7978090fd0cd0570ffe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6854
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e62531f
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd20bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
5 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_DE4A11E9981CEFBDC7AB04322E93C125&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223558218ec0f80588b4bb4faa13c14e95e1dcb46a74205f27956888d5f167aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
5623
server
cloudflare
x-cdn-traceid
0.09d01702.1719902501.f30a11f
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd22bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_B9D9E5109B01AD655746A8D7D28A14BC&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cfda32ddc276a38038bfa699f4c27fb340b33562aba84fbd7a172a12eefa4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
5708
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4ad
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd23bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
5 KB
5 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_442E64F303B095759E7DFAD443EDB08C&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a818e137ee571651b4bcd8dfc7a4c35977d7fe6e7e80343a5cc3f8e85bba510

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
4811
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee81a43
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cafd25bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
7 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_B0193FC501BF8530ED87882BE9BC0575&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9867a31d0cc012987274839b8d1d9088ffee0035b1f8247bb631025e1c341797

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6759
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4b6
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb0d29bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
4 KB
4 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_E5B3991D0F868FBC37D8FA5E6AE32E70&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83971e2e0422c5bfb6c7b6cea4ee2fbb0ba4203dc37293873c1ec329d99b73e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
3674
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e625326
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb0d2dbbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_84482A0DCF4466B0AC7450C0C5E2D67C&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58edf7d15eeaccf55e6a7f39e7b0f1449beb3a9f03aff177aaf70e117bb328d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6296
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e62532e
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb1d45bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
4 KB
4 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_123A27E59CF0CE59F92806F95E1CE536&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1010a432d5e026a01f865b568d05a78ddbcd6bf99314259391fc38ea7af7e57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
3589
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4ca
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb2d5dbbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
6 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_515069D8F2BCB7C8C890EC0D06F41B67&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169c0baba6c49cf9e466b7e4bbe326a0ef3de2f251008d975806505cc53b422e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
5688
server
cloudflare
x-cdn-traceid
0.09d01702.1719902501.f30a157
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb3d73bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
4 KB
4 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_6C2FEDEDE6E5A27E53985851490E9B31&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ac7616b957a44e3025699949febba1a8e64890ac87debb28b072212963d575

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
4097
server
cloudflare
x-cdn-traceid
0.3dd01702.1719902501.2e3b4d9
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb3d75bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
7 KB
7 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_41E4632B89EAF8C869A61519B3373E0C&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afbb98fa020ce609ed3573b6382e18a36b2bafe0ffdb6fdaa92771fd6ff9b3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
6740
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e625347
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb3d77bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
5 KB
6 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_6113C9AC42FEFE5BCA543741F0AE661A&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d7b4a62aeedba064406b5c82ceb52f06349104433756698471a7ac34729a31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
5384
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902501.80fc3ec
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb3d78bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
8 KB
8 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OPN.TOBOS_E92BA583BFBE3CB2781932CC0E7C3C59&w=186&h=88&c=7&rs=2&qlt=80&pid=PopNow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefee1182bab4230970b9780e2327ee00d5bcefdf589e4ed0cd13712f4827936

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
7945
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902501.80fc3e9
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=2592000
cf-ray
89cca6cb3d7abbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
eWL1v5ra6WZo7eNTsT5-6vAcI8E.gz.js
r.bing.com/rp/
3 KB
0
Script
General
Full URL
https://r.bing.com/rp/eWL1v5ra6WZo7eNTsT5-6vAcI8E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0977ef68c1c4dd7f6759e2c9d200eb67490cd578a3013065a1aa43c893658cae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 20:50:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
MDoCy43ti82PyLe8G35Mkw==
akamai-grn
0.7c257e68.1719547366.479641d6, 0.1ed854b8.1719902500.42494b54
alt-svc
h3=":443"; ma=93600
content-length
1526
x-ms-lease-status
unlocked
last-modified
Tue, 13 Feb 2024 01:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2C327D011BC2
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b2245b2a-701e-004a-160c-9ae6a5000000
cache-control
public, no-transform, max-age=50909
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
86 KB
86 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.UbudBali_ROW3802411932_1920x1080.jpg&w=720
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e412c39a0ba1f89e5c6f010d0bb0e6e6be4fcb30dab67be605dafea43ca7d917

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
87637
server
cloudflare
x-cdn-traceid
0.05d01702.1719902501.1e62540c
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc4e86bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
16 KB
17 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.NienhagenMecklenburg_ROW3325679403_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0f44ab8b91367d4711f2ac734209447b732f72ef18e9de25f27b3e746783ac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
16617
server
cloudflare
x-cdn-traceid
0.07d01702.1719902501.c8d5967
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc5ea0bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
12 KB
13 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.ChauseyIslands_ROW7325592526_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da847d9e2d40d76fea2cb1cb6cc6c52af54cd1a8154b1a3b3a20cc669a6fe603

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
12538
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee81b86
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc6ea9bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
15 KB
15 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.FlorenceDuomo_ROW2872192157_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c5087e51a072979c22f5aba8ecc0c57c46fccd8f8e61311dbdc92b3f3e7596

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
14868
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902501.80fc4df
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc6eb1bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
14 KB
15 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.CardinalfishAnemone_ROW2406404077_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb769b938ad997d255342f5c7387fd67e446319416830c50ecca5b681a01673

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
14609
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee81b8d
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc6eb2bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
15 KB
15 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.FireWave_ROW7768526925_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc645e1088f23bcc5d6026b7693c4215f3d0d355d3cd747fa12218851f21bee7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
15169
server
cloudflare
x-cdn-traceid
0.09d01702.1719902501.f30a1f2
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc6eb4bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
th
tt2-plain-bonus-108a.oiudasi6.workers.dev/
16 KB
17 KB
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/th?id=OHR.FloresIsland_ROW5747422444_1920x1080.jpg&w=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3d7e40282f88a732459deea0785aa7a0e3aafb5a77ef36895c7c777cfbf4fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
alt-svc
h3=":443"; ma=86400
content-length
16537
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902501.1ee81b88
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
cache-control
public, max-age=691200
cf-ray
89cca6cc6eb5bbf5-FRA
access-control-allow-headers
*
timing-allow-origin
*
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

render
tt2-plain-bonus-108a.oiudasi6.workers.dev/notifications/
0
2 KB
XHR
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/notifications/render?bnptrigger=%7B%22PartnerId%22%3A%22HomePage%22%2C%22IID%22%3A%22Bnp%22%2C%22Attributes%22%3A%7B%22RawRequestURL%22%3A%22%2F%22%2C%22Referer%22%3A%22https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel%22%7D%7D&IG=202968DFC88343DA8E95DA4FDC6A64CE&IID=Bnp
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/eWL1v5ra6WZo7eNTsT5-6vAcI8E.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-obSnbh/P+C5oEzaZndWJXrTt8HXEKVZL/9QK5hnJ0/E='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-msedge-ref
Ref A: C5B1C5D2A2084DA784EE3F4020A1DF5E Ref B: FRA31EDGE0115 Ref C: 2024-07-02T06:41:41Z
x-cdn-traceid
0.05d01702.1719902501.1e625462
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
text/html
x-eventid
6683a12515da43619b2c13c9d14ac657
cache-control
no-cache
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6cc8ecfbbf5-FRA
expires
-1
ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
r.bing.com/rp/
1 B
0
Script
General
Full URL
https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AtUQRHwMLfUWfUcUVx5RxQ==
akamai-grn
0.56b31402.1719902500.9485f7ab
alt-svc
h3=":443"; ma=93600
content-length
21
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0A213F0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
34c703b5-601e-002a-4b24-cadbbc000000
cache-control
public, no-transform, max-age=195642
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 04 Jul 2024 13:02:22 GMT
peNl4yUB4P3PwDM4J7NWGzi8hKM.gz.js
r.bing.com/rp/
1 KB
0
Script
General
Full URL
https://r.bing.com/rp/peNl4yUB4P3PwDM4J7NWGzi8hKM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 17:52:35 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
rIypxcrnEXVi9Geg/fbGrA==
akamai-grn
0.1ed854b8.1719902500.42494bd3
alt-svc
h3=":443"; ma=93600
content-length
622
x-ms-lease-status
unlocked
last-modified
Wed, 29 Nov 2023 10:04:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBF0C29E9A35AA
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
bae50d2f-b01e-005b-012f-c13d97000000
cache-control
public, no-transform, max-age=385855
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
pxzfjFIjWTDQikh0A5aT_cguYyc.js
r.bing.com/rs/6r/lz/nj/
559 B
0
Script
General
Full URL
https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
543f13a90187beb6441890f93979f00b8efac566716c71d465ee731ba21b7d26

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 20:27:09 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494bdc
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-rGw2AxSgPMoms7sQHvbQHsg5cVUxaV/Xp0bGYdGZm4w='; base-uri 'self';report-to csp-endpoint
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E0D7
alt-svc
h3=":443"; ma=93600
content-length
389
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Mon, 24 Jun 2024 00:14:10 GMT
server
Kestrel
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
667944e96b6942218368255406367c66
cache-control
public, max-age=135929
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
EmG-XMIMCcq8zmcVBBO7jkFERAE.js
r.bing.com/rs/6r/lN/nj/
655 B
0
Script
General
Full URL
https://r.bing.com/rs/6r/lN/nj/EmG-XMIMCcq8zmcVBBO7jkFERAE.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
2d4a25ad08e943d4ea3f7fa7c1b17350ef6759b8c99fac2501f9b1920f2e9b48

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 10:06:56 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494be6
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E009
alt-svc
h3=":443"; ma=93600
content-length
440
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Sat, 29 Jun 2024 01:13:19 GMT
server
Kestrel
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
667fdca5d1b54847bb3ad2cec78c8111
cache-control
public, max-age=185116
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
WcjdZpA0BrxQaj0DlAkYkwnWs_o.gz.js
r.bing.com/rp/
6 KB
0
Script
General
Full URL
https://r.bing.com/rp/WcjdZpA0BrxQaj0DlAkYkwnWs_o.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f587ba921cf977c6fa590097a5f5b2955737d346225fb0fab0238f8e68c32ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 17:51:19 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
n/E0j4dFAUzCa1i/w6Ml/w==
akamai-grn
0.09d01702.1719898078.f035d73, 0.1ed854b8.1719902500.42494be7
alt-svc
h3=":443"; ma=93600
content-length
2546
x-ms-lease-status
unlocked
last-modified
Tue, 27 Feb 2024 15:52:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC37AC1BE1204F
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
dd6b611c-801e-006f-491a-c50e5f000000
cache-control
public, no-transform, max-age=40179
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
N0NZj2UoTgAcpHMO-3FYmE5C7G4.gz.js
r.bing.com/rp/
257 B
0
Script
General
Full URL
https://r.bing.com/rp/N0NZj2UoTgAcpHMO-3FYmE5C7G4.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 07:09:55 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
Fsl7AHL1UDrd0rg5v5ti+A==
akamai-grn
0.1ed854b8.1719902500.42494be8
alt-svc
h3=":443"; ma=93600
content-length
160
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76AE53B5FB
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
5c407ff9-801e-000d-0b7c-bdcc78000000
cache-control
public, no-transform, max-age=88095
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
iuYNUHE3kZrz6Jrb0_Mf0yBFZN0.gz.js
r.bing.com/rp/
438 B
0
Script
General
Full URL
https://r.bing.com/rp/iuYNUHE3kZrz6Jrb0_Mf0yBFZN0.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0902692225cf325455e896941a7def89a27e00efe6f30bea60f1ecf9d9651483

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 18:04:16 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
DFwmXhYhry0BxM0oTHpLCQ==
akamai-grn
0.1ed854b8.1719902500.42494be9
alt-svc
h3=":443"; ma=93600
content-length
181
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BB696D3B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7b9383bb-601e-003a-7b32-ba1ed4000000
cache-control
public, no-transform, max-age=386556
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
8srl0LOx92Ew0yyAq2m2e33cq7I.gz.js
r.bing.com/rp/
426 B
0
Script
General
Full URL
https://r.bing.com/rp/8srl0LOx92Ew0yyAq2m2e33cq7I.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 07:51:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
v7tZ/ztkya0GBN4voj+crw==
akamai-grn
0.02d01702.1719804032.1ea27bba, 0.1ed854b8.1719902500.42494bea
alt-svc
h3=":443"; ma=93600
content-length
259
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A743B126
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e8b836ae-e01e-000b-155e-b9ffc7000000
cache-control
public, no-transform, max-age=263369
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
Mt62GUgrdySmO3Hz6WvsY51OVCM.gz.js
r.bing.com/rp/
423 B
0
Script
General
Full URL
https://r.bing.com/rp/Mt62GUgrdySmO3Hz6WvsY51OVCM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 06:41:40 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
nRjeKHDCzIA360jfIiZTGA==
akamai-grn
0.02d01702.1718569902.1e97806a, 0.1ed854b8.1719902500.42494beb
alt-svc
h3=":443"; ma=93600
content-length
290
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B2849499
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
554ad7ab-301e-00b1-6602-c01ab9000000
cache-control
public, no-transform, max-age=259200
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
UftY3H8sJrNnIZTpnss0J5hwE5Y.gz.js
r.bing.com/rp/
734 B
0
Script
General
Full URL
https://r.bing.com/rp/UftY3H8sJrNnIZTpnss0J5hwE5Y.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95f4d78a736829fc67ad4f9e2cb530ba1295468cb815e1a7df3b7836b26a34b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 05:54:17 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
b1iDSpKzo5FD/erahL61OQ==
akamai-grn
0.1ed854b8.1719902500.42494c18
alt-svc
h3=":443"; ma=93600
content-length
489
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BAA6D0BF
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
57bef37c-801e-00b4-8083-bec862000000
cache-control
public, no-transform, max-age=83557
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
jhk_5I4f9VeUBzSlHc_enKyc3Ko.gz.js
r.bing.com/rp/
938 B
0
Script
General
Full URL
https://r.bing.com/rp/jhk_5I4f9VeUBzSlHc_enKyc3Ko.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 04:58:36 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IJYKxTXJToOmhJu5Y+Ge9g==
akamai-grn
0.1ed854b8.1719902500.42494c19
alt-svc
h3=":443"; ma=93600
content-length
512
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BC23FC67
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3b04cc9-401e-002d-4b17-c9b7df000000
cache-control
public, no-transform, max-age=80216
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
yjXVFOxf6UdoTA2BOwEH6n4ClfI.gz.js
r.bing.com/rp/
1 KB
0
Script
General
Full URL
https://r.bing.com/rp/yjXVFOxf6UdoTA2BOwEH6n4ClfI.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 19:30:13 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IdwtZGA9MByocbZXe9uLtg==
akamai-grn
0.1ed854b8.1719902500.42494c1a
alt-svc
h3=":443"; ma=93600
content-length
738
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C8CAA4A3
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8af836a8-e01e-0056-1523-cbf543000000
cache-control
public, no-transform, max-age=305313
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ihC7RhTVhw2ULO_1rMUWydIu_rA.gz.js
r.bing.com/rp/
2 KB
0
Script
General
Full URL
https://r.bing.com/rp/ihC7RhTVhw2ULO_1rMUWydIu_rA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 05:15:45 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
1TXsxNVn3RseZNq3n6BUeA==
akamai-grn
0.1ed01702.1719738455.a3b8b77, 0.1ed854b8.1719902500.42494c1b
alt-svc
h3=":443"; ma=93600
content-length
835
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:31 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C150BD63
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d23bf597-a01e-0047-5d57-b26ff7000000
cache-control
public, no-transform, max-age=81245
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
3kaLdUGF8ruB6UiNcDOjP75mSAM.gz.js
r.bing.com/rp/
287 B
0
Script
General
Full URL
https://r.bing.com/rp/3kaLdUGF8ruB6UiNcDOjP75mSAM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
217acb853dc6e85c93c8bfa3a6c1d75a921a431db1a84cc6bc7e7afd38bf4ad9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 09:08:41 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
HSdqV/OsLFjS8rv4RIZumg==
akamai-grn
0.20d01702.1719472682.10917f9, 0.1ed854b8.1719902500.42494c1c
alt-svc
h3=":443"; ma=93600
content-length
242
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76A881D0DC
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6d34d117-e01e-0067-2384-5055d6000000
cache-control
public, no-transform, max-age=95221
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
cJksCHwhB_Z32I0ytWPMUDsybak.gz.js
r.bing.com/rp/
226 B
0
Script
General
Full URL
https://r.bing.com/rp/cJksCHwhB_Z32I0ytWPMUDsybak.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 16:57:34 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
bN4C0ra+ctbnBbTcyL619g==
akamai-grn
0.1ed854b8.1719902500.42494c1d
alt-svc
h3=":443"; ma=93600
content-length
178
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BE181C6A
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e3a6aa14-601e-0077-0b85-c7d138000000
cache-control
public, no-transform, max-age=296154
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
PgVOrYqTvqK49IEnVEVlZVYfA1U.gz.js
r.bing.com/rp/
576 B
0
Script
General
Full URL
https://r.bing.com/rp/PgVOrYqTvqK49IEnVEVlZVYfA1U.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 06:09:09 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
GEN21UcxZJtjS9dUSwGqSA==
akamai-grn
0.1ed854b8.1719902500.42494c1e
alt-svc
h3=":443"; ma=93600
content-length
393
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76BA68ADFF
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8e7dd81e-b01e-0037-4da9-9b9786000000
cache-control
public, no-transform, max-age=343649
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
njelUYNJ9xk_aIzI9GKLCNIsxD8.gz.js
r.bing.com/rp/
328 B
0
Script
General
Full URL
https://r.bing.com/rp/njelUYNJ9xk_aIzI9GKLCNIsxD8.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 09:21:32 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
aWD4XETGiFm1C1Ea/JadzQ==
akamai-grn
0.15d01702.1717911099.37bbf6c3, 0.3dd01702.1719642934.d51e395, 0.1ed854b8.1719902500.42494c1f
alt-svc
h3=":443"; ma=93600
content-length
221
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C37A7E1D
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a2fb6335-001e-005e-48b7-a5ef4c000000
cache-control
public, no-transform, max-age=182392
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
authorize
login.microsoftonline.com/common/oauth2/ Frame 3D6F
0
0
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=fc5c836e-1a8a-48b6-8104-e747df153421&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22202968DFC88343DA8E95DA4FDC6A64CE%22%7d
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/PgVOrYqTvqK49IEnVEVlZVYfA1U.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:c8::b Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9022
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jul 2024 06:41:42 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-ests-server
2.1.18399.9 - NEULR1 ProdSlices
x-ms-request-id
f4f08006-03e2-43fa-bfc1-48f7a6220800
x-ms-srs
1.P
BmRJAuTc8UgOeXgJh_NIObAa5HE.gz.js
r.bing.com/rp/
391 B
0
Script
General
Full URL
https://r.bing.com/rp/BmRJAuTc8UgOeXgJh_NIObAa5HE.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
342c3dd52a8a456f53093671d8d91f7af5b3299d72d60edb28e4f506368c6467

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 04:09:44 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
AMzTpWxqysnsqB3a4Wv0UA==
akamai-grn
0.1ed854b8.1719902500.42494c20
alt-svc
h3=":443"; ma=93600
content-length
274
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B0E9EFD0
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
edc3ad21-701e-006b-7344-c68358000000
cache-control
public, no-transform, max-age=163684
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
pXVzgohStRjQefcwyp3z6bhIArA.gz.js
r.bing.com/rp/
924 B
0
Script
General
Full URL
https://r.bing.com/rp/pXVzgohStRjQefcwyp3z6bhIArA.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 20:50:08 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
x+G+lCZu47Kw0twNFcZMOg==
akamai-grn
0.16d01702.1719161845.20626d72, 0.36d01702.1719559741.9af4e9a, 0.1ed854b8.1719902500.42494c21
alt-svc
h3=":443"; ma=93600
content-length
507
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76C2B87D41
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9ce66a54-a01e-008c-7807-b46ca2000000
cache-control
public, no-transform, max-age=310108
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
kzHfYwAwahpHm-ZU7kDOHkFbADU.gz.js
r.bing.com/rp/
3 KB
0
Script
General
Full URL
https://r.bing.com/rp/kzHfYwAwahpHm-ZU7kDOHkFbADU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Jul 2024 23:25:40 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
VXQKTAHYa3rUIFPlZfmQpQ==
akamai-grn
0.30d01702.1719564470.618809c, 0.1ed854b8.1719902500.42494c22
alt-svc
h3=":443"; ma=93600
content-length
1541
x-ms-lease-status
unlocked
last-modified
Wed, 21 Jun 2023 19:04:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB728A4B281ABB
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
494915e8-101e-00a6-0542-b3b3b2000000
cache-control
public, no-transform, max-age=60240
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
GK9SuRKiu0QbKYnVgoAlgmuWrNU.gz.js
r.bing.com/rp/
2 KB
0
Script
General
Full URL
https://r.bing.com/rp/GK9SuRKiu0QbKYnVgoAlgmuWrNU.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 18:06:48 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
NAaNjvwmKkp0KjjfVNG3Rw==
akamai-grn
0.1ed854b8.1719902500.42494c82
alt-svc
h3=":443"; ma=93600
content-length
1240
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A76B1740888
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0301a466-401e-0084-4a03-a676ad000000
cache-control
public, no-transform, max-age=300308
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz.js
r.bing.com/rp/
1 KB
0
Script
General
Full URL
https://r.bing.com/rp/5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 13:23:52 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
IKmyoFF07l5ynRvHLd3rsg==
akamai-grn
0.0cd01702.1716549247.4a28c2a, 0.05d01702.1719804259.18a978f2, 0.1ed854b8.1719902500.42494c83
alt-svc
h3=":443"; ma=93600
content-length
660
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 20:52:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC0D671E09193E
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
4350894b-801e-001d-4ed9-ac0910000000
cache-control
public, no-transform, max-age=196932
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ncheader
tt2-plain-bonus-108a.oiudasi6.workers.dev/rewardsapp/
2 KB
2 KB
XHR
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rewardsapp/ncheader?ver=47711453&IID=SERP.5017&IG=202968DFC88343DA8E95DA4FDC6A64CE
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cc58c5199eed182da29c989c348bb02cc99875813c907a10967accfe201768

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-Wxh7TJzmufH6r+beUUVbJJaxYd4SjetUINXOP9ytIp4='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.0fd01702.1719902502.80fc5a6
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
text/html; charset=utf-8
x-eventid
6683a126ceb34d7f91f5f31c97412aff
cache-control
no-cache, no-store, must-revalidate
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6cd9fd2bbf5-FRA
expires
-1
nt6a1ZR520utsLoZmSYgwxdOPgI.js
r.bing.com/rs/6r/xg/nj/
606 B
0
Script
General
Full URL
https://r.bing.com/rs/6r/xg/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Jul 2024 23:28:27 GMT
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
akamai-grn
0.1ed854b8.1719902500.42494c84
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-MT8cPrk+2w+1OvPF5WSF+7uRnQimbK2jf8xcnpnE6Q0='; base-uri 'self';report-to csp-endpoint
cross-origin-resource-policy
cross-origin
x-as-machinename
DUBEEAP0000E080
alt-svc
h3=":443"; ma=93600
content-length
399
x-as-instrumentationoptions
AppServerLoggingMaster=1
last-modified
Mon, 01 Apr 2024 12:01:59 GMT
server
Kestrel
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-eventid
6681ea8c8e9e4ed49d2fe83c11aeaac2
cache-control
public, max-age=319607
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
timing-allow-origin
*
access-control-allow-headers
*
x-as-suppresssetcookie
1
quic-version
0x00000001
byLmVJQA1UzOFcrs9Jrvys4jXhM.gz.js
r.bing.com/rp/
2 KB
0
Script
General
Full URL
https://r.bing.com/rp/byLmVJQA1UzOFcrs9Jrvys4jXhM.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 07:06:45 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
u0qbDsT+ibh0C2GP7wsf/A==
akamai-grn
0.1ed854b8.1719902500.42494c85
alt-svc
h3=":443"; ma=93600
content-length
786
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 19:38:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2D9476926B98
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3be349b7-a01e-0047-1a69-c66ff7000000
cache-control
public, no-transform, max-age=174305
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
ARoBVs97L6Gwx5KgtPU1a1RcF6s.gz.js
r.bing.com/rp/
33 KB
0
Script
General
Full URL
https://r.bing.com/rp/ARoBVs97L6Gwx5KgtPU1a1RcF6s.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2d790381800ec6ddb18f82658ff2515866a1e3e470b926d46dd8b46ffffa7403

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 01:47:43 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
CPOksKq/D1ZRdIwlWVmRYw==
akamai-grn
0.21ff1302.1718790895.e883112, 0.17ff1302.1719557078.78d36d84, 0.1ed854b8.1719902500.42494c86
alt-svc
h3=":443"; ma=93600
content-length
6892
x-ms-lease-status
unlocked
last-modified
Fri, 24 May 2024 01:33:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC7B918CDEAA50
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c3b0543f-d01e-005d-49c8-c00e28000000
cache-control
public, no-transform, max-age=155163
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
SO02eTikN8ZV7bCSXFKur4CKSoQ.gz.js
r.bing.com/rp/
242 B
0
Script
General
Full URL
https://r.bing.com/rp/SO02eTikN8ZV7bCSXFKur4CKSoQ.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 19:32:19 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:40 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
uJ47yL0Sp1fVl3nUOL3X8g==
akamai-grn
0.1ed854b8.1719902500.42494c87
alt-svc
h3=":443"; ma=93600
content-length
160
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jun 2023 10:30:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6678FE41854B
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7411e18c-101e-0089-4347-c3be79000000
cache-control
public, no-transform, max-age=219039
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
reportActivity
tt2-plain-bonus-108a.oiudasi6.workers.dev/rewardsapp/
2 KB
3 KB
XHR
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rewardsapp/reportActivity?IG=202968DFC88343DA8E95DA4FDC6A64CE&IID=SERP.5026&&src=hp
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/xg/nj/nt6a1ZR520utsLoZmSYgwxdOPgI.js?or=w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2213979f41b2db5bc98b83c893ef643b839dd2381f7f00fb453d4c7bedb3b29

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-nfpncafD+OrM6Oe0wT8Lo0hUAmAPyJB+DRMMr6XJcT8='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.07d01702.1719902502.c8d5a66
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
text/html; charset=utf-8
x-eventid
6683a126cb3c48b19a93ef72ce144576
cache-control
no-cache
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6cdcff4bbf5-FRA
expires
-1
W8bLYGpay8IFp3H_SrUDKaBAn30.gz.js
r.bing.com/rp/
3 KB
1 KB
Script
General
Full URL
https://r.bing.com/rp/W8bLYGpay8IFp3H_SrUDKaBAn30.gz.js
Requested by
Host: tt2-plain-bonus-108a.oiudasi6.workers.dev
URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 03:47:34 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
LKnj6r8gi/vMGaxQh/fz4g==
akamai-grn
0.1ed854b8.1719902502.42495cab
alt-svc
h3=":443"; ma=93600
content-length
1143
x-ms-lease-status
unlocked
last-modified
Thu, 09 Nov 2023 08:38:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBE0FF3B370899
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6b834b66-801e-00c6-6bba-b9cf2d000000
cache-control
public, no-transform, max-age=335152
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
Passport.aspx
www.bing.com/secure/ Frame 1D5C
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1719902500&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2fwww.bing.com%2Fsecure%2FPassport.aspx%3Fpopup%3D1%26ssl%3D1&lc=3081&id=264960&che...
  • https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
0
0
Document
General
Full URL
https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/3kaLdUGF8ruB6UiNcDOjP75mSAM.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:36::212:4016 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=93600
cache-control
no-cache,no-store
content-encoding
gzip
content-length
312
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-/Pp6UVpUfrvUxfIL6a/XLoMJhe1w+8adJF8d1Y8E/aI='; base-uri 'self';report-to csp-endpoint
content-type
text/html; charset=utf-8
date
Tue, 02 Jul 2024 06:41:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
pragma
no-cache
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary
Accept-Encoding
x-cdn-traceid
0.56b31402.1719902502.94861b0d
x-eventid
6683a1265bb44fd3ac27ee5e6c556aa6
x-msedge-ref
Ref A: 4CDC707DAF7D45FA98DC07B58AACE3AF Ref B: FRA31EDGE0606 Ref C: 2024-07-02T06:41:42Z

Redirect headers

Cache-Control
no-store, no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jul 2024 06:41:41 GMT
Expires
Tue, 02 Jul 2024 06:40:42 GMT
Location
https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: PH1PEPF00011E5A V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
0f98159d-a71e-4c8f-ad16-f381e44bee38
x-ms-route-info
C529_BAY
test
www2.bing.com/ipv6test/
0
0

test
tt2-plain-bonus-108a.oiudasi6.workers.dev/ipv6test/
64 B
2 KB
XHR
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/ipv6test/test?FORM=MONITR
Requested by
Host: r.bing.com
URL: https://r.bing.com/rp/W8bLYGpay8IFp3H_SrUDKaBAn30.gz.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ba8fccfc980bcc8fc24e7a41bfcfee88cca9331c8d4d62890d7dfab4a12226

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-1npt5plAb8T/nCa1FMdiOwXU86tjDgjspYFv9JB1/K4='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
server
cloudflare
x-cdn-traceid
0.07d01702.1719902502.c8d5ae3
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
content-type
text/html; charset=utf-8
x-eventid
6683a12633144c549670a182023ba255
cache-control
no-cache, no-store, must-revalidate
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
cf-ray
89cca6ce78dbbbf5-FRA
expires
-1
g2mFaePdYzQOubI8JEItbebrED8.gz.css
r.bing.com/rp/
824 B
422 B
Stylesheet
General
Full URL
https://r.bing.com/rp/g2mFaePdYzQOubI8JEItbebrED8.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
21829c74fce2c9bbbb3099a7a487de71465ed712410c32bc6c69884db07a90dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 04 Jul 2024 04:38:14 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
3/vZUXOW4wNHGLr6SU0xpQ==
akamai-grn
0.1ed854b8.1719902502.42495e6f
alt-svc
h3=":443"; ma=93600
content-length
389
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:01:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A7668AEE2D1
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9b6c8958-c01e-000c-0f55-c693a4000000
cache-control
public, no-transform, max-age=165392
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
_ykiGO1K5rjAQeICdJheT3jfLeY.gz.css
r.bing.com/rp/
589 B
334 B
Stylesheet
General
Full URL
https://r.bing.com/rp/_ykiGO1K5rjAQeICdJheT3jfLeY.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
281d6234fd292800c2a5dbd14e524c9cee0d4438188b0b7d873abf41515a7666

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 03:30:35 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
HJS5PMy7uv8AUjv1kxMX/A==
akamai-grn
0.1ed854b8.1719902502.42495e70
alt-svc
h3=":443"; ma=93600
content-length
301
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:00:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A765FC637D2
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9b0f6ed5-a01e-0078-32bd-b5a754000000
cache-control
public, no-transform, max-age=74933
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
VbSztIaSY8XAi9dm3h6m51N3zH8.gz.css
r.bing.com/rp/
610 B
357 B
Stylesheet
General
Full URL
https://r.bing.com/rp/VbSztIaSY8XAi9dm3h6m51N3zH8.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef156b16fdcf73f670e7d402d4e7980f6558609a39195729f7a144f2d7329bf3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 22:17:10 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
laLCKUkbFiJ5cNd0Ixnxvg==
akamai-grn
0.95257e68.1719613247.295f4ad2, 0.1ed854b8.1719902502.42495e71
alt-svc
h3=":443"; ma=93600
content-length
323
x-ms-lease-status
unlocked
last-modified
Mon, 01 May 2023 19:00:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4A7657845BC1
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
28bd10a7-901e-00a6-6b31-9bf234000000
cache-control
public, no-transform, max-age=142528
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
tPLNa5UcMaQEzzg0acZfPM45N6I.gz.css
r.bing.com/rp/
2 KB
1 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/tPLNa5UcMaQEzzg0acZfPM45N6I.gz.css
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dadf403df8cfe888e59e6a051aee3783a2bf0bcc60dc1d09a7797daaee726ca2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Jul 2024 08:05:32 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
WX/sslb8tPUCRYKUX1pQ4A==
akamai-grn
0.1ed854b8.1719902502.42495e72
alt-svc
h3=":443"; ma=93600
content-length
1341
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 22:53:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC2DAFD2397761
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
981e0b35-b01e-0016-2755-a9f27b000000
cache-control
public, no-transform, max-age=350630
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
Pjj829CwRyC-8v2EBV3taqJnwMs.gz.js
r.bing.com/rp/
9 KB
4 KB
Script
General
Full URL
https://r.bing.com/rp/Pjj829CwRyC-8v2EBV3taqJnwMs.gz.js
Requested by
Host: r.bing.com
URL: https://r.bing.com/rs/6r/lz/nj/pxzfjFIjWTDQikh0A5aT_cguYyc.js?or=w
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.86.251.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-30.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62064f220d628c1d64c67d806b85885dafc7c5679c835b216c9d87bfd58c63b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Origin
https://tt2-plain-bonus-108a.oiudasi6.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 03 Jul 2024 23:48:11 GMT
x-ms-blob-type
BlockBlob
date
Tue, 02 Jul 2024 06:41:42 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
KeVhOS1yqzShEX4dGW4/8g==
akamai-grn
0.1ed854b8.1719902502.42495e6e
alt-svc
h3=":443"; ma=93600
content-length
3612
x-ms-lease-status
unlocked
last-modified
Fri, 28 Jun 2024 19:06:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC97A57C717D0C
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
80f347e9-501e-006c-6eb5-c9ef3b000000
cache-control
public, no-transform, max-age=147989
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
0x00000001
l
tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/
0
456 B
Image
General
Full URL
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&Type=Event.ClientInst&DATA=[{%22T%22:%22CI.BM%22,%22FID%22:%22CI%22,%22Name%22:%22HV%22}]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 06:41:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cdn-traceid
0.0cd01702.1719902502.1ee81ce8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HD88B5QpOTMZIwTcYxJo3su3gRWCCHfVsbgHEnuimMd1qQhNGiLR%2Bz%2BwpNAF2zDrejD4YZH0pzeRNwPRNQsmEo9nikTgEjDDttcvc%2Fcg13rPLpap%2FQ2mowWkGg6W1zlEjaTM%2BYfzl0ik9LeUnmISpgr2xkRs5rdiW%2BTG5g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89cca6ce88e9bbf5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

l
tt2-plain-bonus-108a.workers.dev/fd/ls/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.msn.com
URL
https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1719902500768%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22width%22%3A%221600%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500768%2C%22Name%22%3A%22XW%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%221200%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%22T%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%2C%7B%22time%22%3A2035%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1719902501379%2C%22Name%22%3A%22WelcomeGreeting%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2083%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501427%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22%22%2C%22time%22%3A2099%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501443%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2117%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501460%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2146%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501489%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2152%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501496%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22TypeError%3A%20Failed%20to%20fetch%20dynamically%20imported%20module%3A%20https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22time%22%3A2190%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501533%2C%22Name%22%3A%22ImportError%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2191%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501535%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22time%22%3A2192%2C%22T%22%3A%22CI.Error%22%2C%22TS%22%3A1719902501536%2C%22Name%22%3A%22ImportedWidgetModuleErrorEvent%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2217%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501561%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2219%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501562%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2220%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501563%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A2443%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501786%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2449%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501792%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2452%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501796%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A20%2C%22time%22%3A2453%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1719902501797%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2480%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501823%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2481%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501825%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Domain
www2.bing.com
URL
https://www2.bing.com/ipv6test/test
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1719902501970%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%226683a123ed764aa39712ac60ae4af8ca%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1719902502001%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226683a123ed764aa39712ac60ae4af8ca%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1719902502002%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3APathIsNotSerp%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1719902502165%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1719902502168%2C%22Name%22%3A%22AnimationLoad%22%7D%5D
Domain
tt2-plain-bonus-108a.workers.dev
URL
https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Error%22%3A%22JSONP%20call%20resulted%20in%20error.%22%2C%22T%22%3A%22CI.ipv6test%22%2C%22TS%22%3A1719902502204%2C%22Name%22%3A%22IPv6TestError%22%2C%22FID%22%3A%22IPv6Test%20Dom_%20www2%22%7D%5D

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| img_p object| preloadBg function| si_T object| _G string| curUrl object| _model object| _vs object| si_ST object| _H object| _w object| _d boolean| sb_ie boolean| sb_i6 function| _ge function| _qs function| sb_st function| sb_rst function| sb_ct function| sb_gt function| sj_gx function| sj_ce object| sj_cook function| sk_merge object| ChatMergeLogHelper string| bbe object| amd function| define function| require function| fb_is object| rms object| sj_evt function| sj_jb function| sj_wf function| sj_pd function| sj_sp function| sj_be function| sj_go function| sj_ev function| sj_ue function| sj_et object| Log function| sj_mo function| sj_so function| lb function| si_sbwu object| ClTrCo number| ctcc object| clc object| SerpMode function| si_ct object| perf function| si_PP function| PostloadResources function| getBrowserWidth_Desk function| getBrowserHeight_Desk function| getBrowserScrollWidth_Desk function| getBrowserScrollHeight_Desk number| WResizeCNT number| WResizeTS string| DMMode object| ClientObserver object| SAUpsellTrigger object| sa_config object| sa_loc function| sa_loader boolean| sa_eL object| ipd object| BM object| Identity number| wlc_d number| wlc_t boolean| wlc_wfa function| FallBackToDefaultProfilePic object| BingAtWork string| data_iid object| Lib object| bepcfg function| __spreadArray object| LightLogger object| sch object| customEvents object| fallbackReplay object| EventLoggingModule function| sj_anim function| sj_fader object| EventsToDuplicate boolean| useSharedLocalStorage object| sj_b object| sb_de function| sj_mi function| sj_we function| sj_lc function| sb_si function| sj_ic function| sj_fa boolean| LogUploadCapFeatureEnabled object| InstLogQueueKeyFetcher object| Shared2 function| sj_log2 function| cspi_log object| LogAccessibilityEvents function| mcp_banner function| importShim object| msal undefined| _esmsi object| preact object| preactHooks function| __assign function| __rest function| __awaiter function| __generator function| __extends function| OutlinePolyfil object| SpeechSDK object| Bnp object| Feedback function| sj_appHTML function| sj_ajax object| lirab undefined| liraa object| ShareDialogConfig object| ShareDialog string| wln function| wlc object| SsoFrame object| AccountLink object| RewardsHeaderSVG function| sj_rra object| RewardsCreditRefresh object| ModernRewards function| RewardsReportActivity object| IPv6Tests object| bepns

18 Cookies

Domain/Path Name / Value
tt2-plain-bonus-108a.oiudasi6.workers.dev/ Name: MUIDB
Value: 23CCA27FC0B46BC20237B6CFC1DC6A39
.login.microsoftonline.com/ Name: esctx-6rEEe1YKhY
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY3ZeFWcjx9mp7OO3H9l7aC6Uq_28n3Erkm0ZiARpvtZ8B8ykJchtIi_qwXM9KJ0E8Ao8hfRq2_SbJhxq6XKBvg9pupXYvzICM-S5Iv8m_SSCC4naDxMwUEmgIqCIIHrnnZGAd9dSbQ1Gq78BXlmu9TyAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYFzj8ddIyXXSNahCxOw98b1aYXVjFrDkMg0kuAuj3LRWEzIrBCVYE7kOwiZxcYMMuvEWML4RjuOTzhdNgFzPX_2EcT6xz8GON_qe_s9lGT2e2uhzV_miQDa2wcLf1H5z_GuHBem4D9p2vJMv6YKwMoaVIlFAyDUYMLIuVNBSKxGMgAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: uaid
Value: fdd4f9df280e417e8d0e20a390357af5
.login.live.com/ Name: MSPRequ
Value: id=264960&lt=1719902502&co=1
.login.live.com/ Name: OParams
Value: 11O.DqfRta9whaxJ4v8UdpK7fVAwsp2D0HvIU43nO!zuw9GyYI0Z8gkvYKWuA6L5BxzlPX6hXUxN2AaFLk3t1wtzXEmpxNBZ*BnfLlee3IpkF21NHijvGIUC*ELHe2BDHrQCdk8bg9VhS9BiJ6UEieuDhpR60mkdBEVfU*UFR9n9C38DTMx6FFufiWHuo2vtCIisPfs3begisayIix4N0asAQpTudzgP0JU8KHGUQ9E0OmYsHVRr6!tKdln!Jwuq!0hkxDeZ8zO!viZEKnsar6JoDCzmRVSA2tXz!ogcvh6ZJzJV0VQpzqe4psMzc*m8g5N9OlMWe!R2wg!kuyPrzYAq2JI$
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AS8AMe_N-B6jSkuT5F9XHpElWnmtoZ62_ZpPi8MrcPluNMcBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYVU8zs_39IEhrjycaM9MykdCnwjgqOjUx5E9pAbe5KR1vXNVkVNwT-DRvI50rdWr27TfmZXC-DlyxWrZ5DVblGRuFkTrmS_LIsT4QkPuzP2sgAA
login.microsoftonline.com/ Name: fpc
Value: Ahmb2KafjzNDtvs52IvZKU6CeMQLAQAAACaYFd4OAAAA
.bing.com/ Name: MUID
Value: 2D63CB955539691E3630DF2554B268DA
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=2F7F9A263B0D4790862877BD1FA7005B&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20240702
.bing.com/ Name: _SS
Value: SID=0CAFB6E79EA961B72A8BA2579F2260E5
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=en

28 Console Messages

Source Level URL
Text
security error URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Message:
[Report Only] Refused to load the script 'https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js' because it violates the following Content Security Policy directive: "script-src https: 'strict-dynamic' 'report-sample' 'nonce-GmhtOAC7xEgdHSnw4gYPAmyX5sIbNsgyqsnlZtNyEqY='". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Message:
A preload for 'https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1719902500768%2C%22Name%22%3A%22Base%22%2C%22FID%22%3A%22CI%22%7D%2C%7B%22width%22%3A%221600%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500768%2C%22Name%22%3A%22XW%22%2C%22FID%22%3A%22BRW%22%7D%2C%7B%22height%22%3A%221200%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%22T%22%2C%22FID%22%3A%22BRH%22%7D%2C%7B%22RawDPR%22%3A%221.0%22%2C%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%221.0%22%2C%22FID%22%3A%22DPR%22%7D%2C%7B%22T%22%3A%22CI.Info%22%2C%22TS%22%3A1719902500769%2C%22Name%22%3A%220%22%2C%22FID%22%3A%22DM%22%7D%2C%7B%22time%22%3A2035%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1719902501379%2C%22Name%22%3A%22WelcomeGreeting%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22%22%2C%22time%22%3A2099%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501443%2C%22Name%22%3A%22Importing%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2083%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501427%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2117%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501460%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Message:
Access to script at 'https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js' from origin 'https://tt2-plain-bonus-108a.oiudasi6.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://assets.msn.com/bundles/v1/bingHomepage/latest/widget-initializer.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2152%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501496%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2146%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501489%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fmodel%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2191%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501535%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useDynamicModules%22%2C%22module%22%3A%22rms-answers-HomepageVNext-PeregrineWidgets%22%2C%22error%22%3A%22TypeError%3A%20Failed%20to%20fetch%20dynamically%20imported%20module%3A%20https%3A%2F%2Fassets.msn.com%2Fbundles%2Fv1%2FbingHomepage%2Flatest%2Fwidget-initializer.js%22%2C%22time%22%3A2190%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501533%2C%22Name%22%3A%22ImportError%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22time%22%3A2192%2C%22T%22%3A%22CI.Error%22%2C%22TS%22%3A1719902501536%2C%22Name%22%3A%22ImportedWidgetModuleErrorEvent%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2217%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501561%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2219%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501562%2C%22Name%22%3A%22requested%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fcarousel%3F%26format%3Djson%26ecount%3D20%26efirst%3D0%26%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2220%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501563%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2452%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501796%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Count%22%3A20%2C%22time%22%3A2453%2C%22T%22%3A%22CI.Show%22%2C%22TS%22%3A1719902501797%2C%22Name%22%3A%22ProactiveTrendingNowTiles%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22status%22%3A200%2C%22time%22%3A2449%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501792%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22carousel%22%2C%22count%22%3A1%2C%22time%22%3A2443%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501786%2C%22Name%22%3A%22fetched%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/rp/Qv0Qmkr6gTkjO7zSw-CS-5ZVfHE.gz.js
Message:
A preload for 'https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fimagegallery%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2481%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501825%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22func%22%3A%22useFetch%22%2C%22url%22%3A%22%2Fhp%2Fapi%2Fv1%2Fmomentsintime%3Fformat%3Djson%26ssd%3D20240701_0700%26%22%2C%22format%22%3A%22json%22%2C%22time%22%3A2480%2C%22T%22%3A%22CI.Data%22%2C%22TS%22%3A1719902501823%2C%22Name%22%3A%22parsed%22%2C%22FID%22%3A%22HP%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22T%22%3A%22CI.ClientInst%22%2C%22TS%22%3A1719902501970%2C%22Name%22%3A%22OrgId%22%2C%22FID%22%3A%22NoSignInAttempt%22%7D%2C%7B%22correlationId%22%3A%226683a123ed764aa39712ac60ae4af8ca%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1719902502001%2C%22Name%22%3A%22loadJsModule%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22correlationId%22%3A%226683a123ed764aa39712ac60ae4af8ca%22%2C%22T%22%3A%22CI.acclink%22%2C%22TS%22%3A1719902502002%2C%22Name%22%3A%22undirectflow%22%2C%22FID%22%3A%22init%22%7D%2C%7B%22Fallback%22%3A%221%22%2C%22IsRewardUser%22%3A%22%22%2C%22IsAutoOpenFlyout%22%3A%22%22%2C%22SuppressionReason%22%3A%22NoTrigger%3APathIsNotSerp%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AutoOpenFlyoutFired%22%2C%22T%22%3A%22CI.Init%22%2C%22TS%22%3A1719902502165%2C%22Name%22%3A%22AutoOpenFlyoutFired%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Fallback%22%3A%221%22%2C%22ShowAnimation%22%3A%22%22%2C%22RedDotAnimation%22%3A%22true%22%2C%22RedemptionAnimationState%22%3A%22%22%2C%22FID%22%3A%22ModernRewardsFlyout%22%2C%22EventName%22%3A%22AnimationLoad%22%2C%22T%22%3A%22CI.Load%22%2C%22TS%22%3A1719902502168%2C%22Name%22%3A%22AnimationLoad%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www2.bing.com/ipv6test/test
Message:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
network error URL: https://tt2-plain-bonus-108a.workers.dev/fd/ls/l?IG=202968DFC88343DA8E95DA4FDC6A64CE&CID=23CCA27FC0B46BC20237B6CFC1DC6A39&TYPE=Event.ClientInst&DATA=%5B%7B%22Error%22%3A%22JSONP%20call%20resulted%20in%20error.%22%2C%22T%22%3A%22CI.ipv6test%22%2C%22TS%22%3A1719902502204%2C%22Name%22%3A%22IPv6TestError%22%2C%22FID%22%3A%22IPv6Test%20Dom_%20www2%22%7D%5D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://tt2-plain-bonus-108a.oiudasi6.workers.dev/
Message:
The resource https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.msn.com
login.live.com
login.microsoftonline.com
r.bing.com
tt2-plain-bonus-108a.oiudasi6.workers.dev
tt2-plain-bonus-108a.workers.dev
www.bing.com
www2.bing.com
assets.msn.com
tt2-plain-bonus-108a.workers.dev
www2.bing.com
172.67.167.127
184.86.251.30
20.190.159.68
2603:1026:3000:c8::b
2606:4700:3034::ac43:a77f
2a02:26f0:480:36::212:4016
04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f
04cc58c5199eed182da29c989c348bb02cc99875813c907a10967accfe201768
04d7b4a62aeedba064406b5c82ceb52f06349104433756698471a7ac34729a31
06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70
0902692225cf325455e896941a7def89a27e00efe6f30bea60f1ecf9d9651483
0977ef68c1c4dd7f6759e2c9d200eb67490cd578a3013065a1aa43c893658cae
0bd4e3aff07fa67e913ddcab8cf93980a472626a9c6043da546253700f344d52
0fe549864979dbffac8705503e30c6ce1c2abbbdcafa4bc3e5f0dfbcebe16568
1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2
15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e
161f867ac6d892f67ccef488c16ea0cbc6cf56fb6ebf78d3f9c6f66d17780796
167259fb3f3e87f61085929764418fdb7f8f92f079ff57483aad9c977823d6df
169c0baba6c49cf9e466b7e4bbe326a0ef3de2f251008d975806505cc53b422e
1adef582c859ed9b4f071cd3196b66ac13503c1346176e78837abccb390249a1
20ac7616b957a44e3025699949febba1a8e64890ac87debb28b072212963d575
217acb853dc6e85c93c8bfa3a6c1d75a921a431db1a84cc6bc7e7afd38bf4ad9
21829c74fce2c9bbbb3099a7a487de71465ed712410c32bc6c69884db07a90dd
223558218ec0f80588b4bb4faa13c14e95e1dcb46a74205f27956888d5f167aa
243d212a9ff764ccda9b19c3c823b2f408a0718e56a3e7a8b5b533e108db56cb
281d6234fd292800c2a5dbd14e524c9cee0d4438188b0b7d873abf41515a7666
295335e20be3c34d200a634b7db2581852b69c9c2d80753a669df459558a6567
2afbb98fa020ce609ed3573b6382e18a36b2bafe0ffdb6fdaa92771fd6ff9b3e
2d4a25ad08e943d4ea3f7fa7c1b17350ef6759b8c99fac2501f9b1920f2e9b48
2d790381800ec6ddb18f82658ff2515866a1e3e470b926d46dd8b46ffffa7403
2e3d7e40282f88a732459deea0785aa7a0e3aafb5a77ef36895c7c777cfbf4fb
2f1ea3d6f3e30e3100cdbc4c23e1d44fed626befd9208ff250d30314a90e66d2
33bd503172697a7d135b910b460f49d5f9d21e59c4bf8a9acb27b00b5487286a
342c3dd52a8a456f53093671d8d91f7af5b3299d72d60edb28e4f506368c6467
343ec2ee385eb80cd489788276279cf5aa3895b9890ce37503b814f791b9fb67
36b0e5676d92356ea8ffd12828ca7583c41c4aff88ea7dc76c073bffb73a2036
3c12964a45a9ac93edc9cffd139bbef4fcc5031baa64fd4ef343eb1fd78c73c8
3c6cbb0633c4a64c3ddf59d66d0167478b119b1ae63b1aee85a449ec1b263eeb
3e371f38691430d58c417a3ccb0c9fb4f9f7ed8e92321c42d2cf6b680fb349f9
3eb769b938ad997d255342f5c7387fd67e446319416830c50ecca5b681a01673
3ed65f33193430c0b9db61ffe7f5fe27b29f86a28563992c3afc47d4c22c23d7
3ff1f2d316ffa27fb945344e0186d3dbfebbd3508f9add75666b7e2e397723ad
4252cfde4d8de071f9fa0f6adcff3c8413fd3c4d5e158c872210d593631db2f5
429c376160336dc6f748e45c07ddc068b24635f25a816f9a23d2ac733aad914f
42c5087e51a072979c22f5aba8ecc0c57c46fccd8f8e61311dbdc92b3f3e7596
4460184a4c7d8395c7d228d4f02268c9c2d28494f0c985b48d6691d72d008cb9
47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9
50cfda32ddc276a38038bfa699f4c27fb340b33562aba84fbd7a172a12eefa4a
543f13a90187beb6441890f93979f00b8efac566716c71d465ee731ba21b7d26
54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39
553d0321189b23dba5f3670ea4bdb552dce0ebb1a3201e3b094e3f04cf08a7fe
5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de
62064f220d628c1d64c67d806b85885dafc7c5679c835b216c9d87bfd58c63b6
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6a818e137ee571651b4bcd8dfc7a4c35977d7fe6e7e80343a5cc3f8e85bba510
6d7a20272af13789aa1f9a56d737ea94fb4637c714356b4f851802669330593f
72deb2e187f8a52261bc64b02f143536ee36416f5c2b8de97b2bc9e0ebcad421
73cb3a9b4b4b6009e31efcf846a4db0999685b932494ee2bc3e44daf0bdeb07c
7474a8b3ff79ef4978d048750414478d0ea5b07b80ef115eff19a032b4d403ec
795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da
7c317940549467b3210d2f72da000bac3481abfde3ac5358d398eb64dcbc8532
7c5bb9ca2fa67fe7851d145305e17a8370c4aec9d09f54e0920d32f6148f12fa
7edfdddf8032cbff4286cb3ae77e68f478485bd96cbfc0c8a84852415e10a25c
7f587ba921cf977c6fa590097a5f5b2955737d346225fb0fab0238f8e68c32ea
7f7e3795b60b732ce552ea1b513918ffad7f392059ba44fc1f953276a2851583
83971e2e0422c5bfb6c7b6cea4ee2fbb0ba4203dc37293873c1ec329d99b73e1
88d86fe4ad7534bb5d79d6ceafdc527ade975d07f49a856ce0ee6783161516c3
8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f
8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f
9062c70fa349e6e953bc7833436fabc098d2371c74627d1bf6565d18a8457781
95afaa120dd81bcdbf0b34d71b457b13e7fd2ac679fadee582f4e081d9edcbe6
95f4d78a736829fc67ad4f9e2cb530ba1295468cb815e1a7df3b7836b26a34b7
9847af03b88766051ce18de4d71c1462ba9eb57be45845af598b0145ff97b7e4
9867a31d0cc012987274839b8d1d9088ffee0035b1f8247bb631025e1c341797
9a267f0e8e6ed42476777f455a879cb8c21cce3b62801fe3ee0f1a057dd8efaf
9a74e6f08fcd7361596c75310cdec58592ada508b955a71f8353f85e27cdb13b
9c4df84d46da7cc013cf9fb07433c6bc40d75f00121993ad51036fcdcdd145bb
9dca95742d5b4f71596ce1cc91ca8cf545011c573fb1cf52104a1db869d9a1cc
9e62f15d7a4562d68e7b0fbfb8b97cdfa32463b7f548837b30a546301f44bb34
9e7f31adb22e67432d230afc9b1060a3fa83bac5688a58483ec8f3de310cd8b9
a2213979f41b2db5bc98b83c893ef643b839dd2381f7f00fb453d4c7bedb3b29
a30facad92aa6735199d47f7787e1a855b529f9596ee18ad096bd0b27c40b2e8
a5b4181611e951faecd6c164d704569c633e95fe68d3d1934b911a089ebf70e8
aa78cdd1bf71a08eed4dde4e72b42415cf5357d4e604c5091d82ce8e5c7e774f
af8c36defed55d79106513865f69933e546e1e4c361e41c29f65905ded009047
b908d312f517d62b6ecf48bd2fcdd83918e098485fe9be42139aec090775fac6
bc39d0c622e84271970c572740e2c597871f51dc8195e1aa942368cb5c2aaf58
c01f1113020ec6201098a6690849ca3df40dcbc0f6fe9c7827fb616bbf8fa05b
c080a3e65377d6591fbebde2cc4d6bd7632a8ee33a67d2d79b9eef1eb7f5301d
c0dd10c9ea3f3615612a444dd5ea8ece9a3bba238b2dca28827da4cb311fb217
c1010a432d5e026a01f865b568d05a78ddbcd6bf99314259391fc38ea7af7e57
c2ba8fccfc980bcc8fc24e7a41bfcfee88cca9331c8d4d62890d7dfab4a12226
c58edf7d15eeaccf55e6a7f39e7b0f1449beb3a9f03aff177aaf70e117bb328d
c88dc47217c6cd40e4779961b9aad8327bd32c2723d8e518f63e10191a44664d
ce0f44ab8b91367d4711f2ac734209447b732f72ef18e9de25f27b3e746783ac
d3b0586664bbcd2dc7996457b38a68a70b938d3bc4efc7978090fd0cd0570ffe
d7213c51946975f61ba549e0b3fa83567c854557c673d56c9dddcccab6fdad0a
d84ccee33a79b925dbf871d4560edea3d47f474a390e8bb433d9892bb39dd993
d9e102f9e838797794078979641d8dca5dc8512cb428dbbd6c382bc587269bdd
da847d9e2d40d76fea2cb1cb6cc6c52af54cd1a8154b1a3b3a20cc669a6fe603
dac8d589b6835cd7ca53316af17d61f225fd51a3746dac9b4f48fa79eca5850e
dadf403df8cfe888e59e6a051aee3783a2bf0bcc60dc1d09a7797daaee726ca2
dc065bf8683425b4f24b5e0271ac77ed583efcca3b3cb6a987cbde358141e371
e05d916cf22b37cc2b463d1780c82db47cef51a1dfc4b381a2cd9f6af9fbced0
e161107d9351b29c17a7db7f57b6a0ccf914c267b71c976807ce0ae71fd24505
e2e4d97c20d4478e8e947480c8f6c71a2c795776d405366be70db82e4ea4ba77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412c39a0ba1f89e5c6f010d0bb0e6e6be4fcb30dab67be605dafea43ca7d917
e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c
e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da
ec1331a9a683f6d8af59e4674c39289ce88a688fb68ebb74bbc3a1bc502b8099
eefee1182bab4230970b9780e2327ee00d5bcefdf589e4ed0cd13712f4827936
ef156b16fdcf73f670e7d402d4e7980f6558609a39195729f7a144f2d7329bf3
f2c5677d58718ae60f7f4e98351643afeb8ad7fdfe4b2b6af0b7b63108cb7071
f332b88324f67c9deb79ca7d33bd57f161e39567e774e4fdd5c0509205e60b9b
f3af998040f0e9eeb2b050ee53d1e998f52c4dd6f3048b516b2a0d2c1064545c
f8fa36ab6505da51bef5521ef84793391be9c16de5abd6bb99c20fe4d1fb48cf
fc645e1088f23bcc5d6026b7693c4215f3d0d355d3cd747fa12218851f21bee7
fd5483ad8cc2e5851b4d4f1826b693b21129352d41ab1a4a15e6d5fe938b95e1
feaaaeec0e4b14692fbafac182198f3af83a44265b8659eac94b23222644c00b