URL: https://gov.dreamplusgames.com/
Submission: On July 22 via api from US — Scanned from CA

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 57 HTTP transactions. The main IP is 198.11.182.124, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is gov.dreamplusgames.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on July 9th 2024. Valid for: a year.
This is the only time gov.dreamplusgames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 198.11.182.124 45102 (ALIBABA-C...)
3 8 2a02:6b8::1:119 13238 (YANDEX)
2 14.215.183.79 4134 (CHINANET-...)
2 2a03:2880:f00... 32934 (FACEBOOK)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.248.121 15169 (GOOGLE)
57 8
Apex Domain
Subdomains
Transfer
45 dreamplusgames.com
gov.dreamplusgames.com
cmp.dreamplusgames.com
activity.dreamplusgames.com
4 MB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8226
12 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
71 KB
1 mjyx.com
public-tools.mjyx.com — Cisco Umbrella Rank: 779094
431 B
57 7
Domain Requested by
37 gov.dreamplusgames.com gov.dreamplusgames.com
6 mc.yandex.com 2 redirects gov.dreamplusgames.com
mc.yandex.ru
6 cmp.dreamplusgames.com gov.dreamplusgames.com
cmp.dreamplusgames.com
2 www.facebook.com gov.dreamplusgames.com
2 activity.dreamplusgames.com gov.dreamplusgames.com
2 connect.facebook.net gov.dreamplusgames.com
connect.facebook.net
2 hm.baidu.com gov.dreamplusgames.com
2 mc.yandex.ru 1 redirects gov.dreamplusgames.com
1 public-tools.mjyx.com gov.dreamplusgames.com
57 9

This site contains links to these domains. Also see Links.

Domain
www.dreamplusgames.com
Subject Issuer Validity Valid
*.dreamplusgames.com
Encryption Everywhere DV TLS CA - G1
2024-07-09 -
2025-08-02
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-05-23 -
2024-11-02
5 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2024-07-08 -
2025-08-09
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-04-30 -
2024-07-29
3 months crt.sh
*.mjyx.com
Encryption Everywhere DV TLS CA - G1
2024-01-11 -
2025-02-04
a year crt.sh

This page contains 3 frames:

Primary Page: https://gov.dreamplusgames.com/
Frame ID: EB3F78C235052E52D5880114E6250895
Requests: 59 HTTP requests in this frame

Frame: https://cmp.dreamplusgames.com/
Frame ID: CA4827606198EE6968AEBD1DD9DC6256
Requests: 6 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 68E961163B836309CEDEC40740D3F8D4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Game of Vampires: Twilight Sun

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

57
Requests

96 %
HTTPS

57 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

4167 kB
Transfer

4783 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10437.Moi4cBUq-ieTeuiyC-f5vhHAhAazU5FRVuaQn1TohXgX4DQPmJ85uBfBFwTZsCc1.OJoIOmZXLY922yNgtYoJ8V0UnTU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10437.3Lr8sY2l8grLoHi-mnttNqFTJk754LKeTl2HIZ18YC4OrlZl0y69TgAyQ11826eV4eDZKwyyRPsrNwdB-G_AP1DKAlOZadhT4pyq4_mvg4WKpX3X9mBT7B-iXSEuW_uitr_t3iaFMzjRQB3HDyr10Gc9tB_5rCAf9zsmV5vKcdvMntbN6qsawyO2p6seY2n7NGtd69vg-x6_hAkPbzxTh8l-h9WfjUjdFIPkioc09Tg%2C.hZJTqYmkcFxPJMyzZMhOkVLfUfk%2C
Request Chain 64
  • https://mc.yandex.com/watch/97770422?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A1086394594687%3Ahid%3A578730230%3Az%3A-420%3Ai%3A20240721183233%3Aet%3A1721611953%3Ac%3A1%3Arn%3A688818374%3Arqn%3A1%3Au%3A1721611953782844584%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2096%3Awv%3A2%3Ads%3A0%2C413%2C222%2C1%2C0%2C0%2C%2C520%2C0%2C%2C%2C%2C1646%3Aco%3A0%3Acpf%3A1%3Ans%3A1721611950534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721611954%3At%3AGame%20of%20Vampires%3A%20Twilight%20Sun&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21561856)ti(1) HTTP 302
  • https://mc.yandex.com/watch/97770422/1?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A1086394594687%3Ahid%3A578730230%3Az%3A-420%3Ai%3A20240721183233%3Aet%3A1721611953%3Ac%3A1%3Arn%3A688818374%3Arqn%3A1%3Au%3A1721611953782844584%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2096%3Awv%3A2%3Ads%3A0%2C413%2C222%2C1%2C0%2C0%2C%2C520%2C0%2C%2C%2C%2C1646%3Aco%3A0%3Acpf%3A1%3Ans%3A1721611950534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721611954%3At%3AGame%20of%20Vampires%3A%20Twilight%20Sun&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561856%29ti%281%29

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gov.dreamplusgames.com/
5 KB
3 KB
Document
General
Full URL
https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
955fc2ad0f270db94e51da0fb0cd50725df7bdb2c1d7e9d25d0a98f0bf1f6359

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Jul 2024 01:32:31 GMT
Last-Modified
Fri, 19 Jul 2024 02:59:43 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
polyfills-100e0bb2.js
gov.dreamplusgames.com/static/js/
95 KB
95 KB
Script
General
Full URL
https://gov.dreamplusgames.com/static/js/polyfills-100e0bb2.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
976e76b64cb323c54359d20d1032941c808251abbbb09a4e81ee9518cb3cb24f

Request headers

Referer
https://gov.dreamplusgames.com/
Origin
https://gov.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:31 GMT
Last-Modified
Fri, 19 Jul 2024 02:59:40 GMT
Server
nginx
ETag
"6699d69c-17a22"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96802
index-5d564805.js
gov.dreamplusgames.com/static/js/
314 KB
314 KB
Script
General
Full URL
https://gov.dreamplusgames.com/static/js/index-5d564805.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
71e28ccf2cc54e15230d31e89907e94ce72f64cd947622c7886a7fe72c0fc804

Request headers

Referer
https://gov.dreamplusgames.com/
Origin
https://gov.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:31 GMT
Last-Modified
Fri, 19 Jul 2024 02:59:28 GMT
Server
nginx
ETag
"6699d690-4e6f9"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
321273
index-ac6ecc05.css
gov.dreamplusgames.com/static/css/
76 KB
36 KB
Stylesheet
General
Full URL
https://gov.dreamplusgames.com/static/css/index-ac6ecc05.css
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ac6ecc05635cf29b8ce6c352917746bdcdeaa23b2f0d0fd89e25bd09c8542d56

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jun 2024 09:21:43 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
tag.js
mc.yandex.ru/metrika/
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9fc0f105fe1e12a87554e5973a997446b02184422130d16e261e020707d1af5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Mon, 22 Jul 2024 01:32:32 GMT
last-modified
Thu, 18 Jul 2024 14:00:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66991fe6-11588"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71048
expires
Mon, 22 Jul 2024 02:32:32 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?88fffb0f9afd943cdbfc833323c1de86
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
fdd9c386d6466e06ecffe442c7b3217da67eff9cb6295cdb719a4d4d2d8b6d13
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
107b3fb0a990c2c404fd5f8233e3c351
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11302
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 01:32:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1392, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
1JdZzSBw+/VrJ61/gAbvmkxNadr6pnuICXkbsuQQ6HERoRyWA8KHRpxtxiUoHNxznFsN46GmlwNj3iihrwd99w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pc-1e5f1ea0.js
gov.dreamplusgames.com/static/js/
9 KB
10 KB
Script
General
Full URL
https://gov.dreamplusgames.com/static/js/pc-1e5f1ea0.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e99ff429d11894d631c7c53e55c66b178b3c7ed2e4a38594d29b15c4c0b714cc

Request headers

Referer
Origin
https://gov.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Fri, 19 Jul 2024 02:59:37 GMT
Server
nginx
ETag
"6699d699-259f"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9631
activityInfo-098ffb85.js
gov.dreamplusgames.com/static/js/
284 KB
284 KB
Script
General
Full URL
https://gov.dreamplusgames.com/static/js/activityInfo-098ffb85.js
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2c01ad25fa0068a6876742df36842e25f38166cb46390d787ee565ba7e216830

Request headers

Referer
Origin
https://gov.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Fri, 19 Jul 2024 02:59:22 GMT
Server
nginx
ETag
"6699d68a-46fa1"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
290721
activityInfo-2c72048e.css
gov.dreamplusgames.com/static/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://gov.dreamplusgames.com/static/css/activityInfo-2c72048e.css
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2c72048ee4f406eaff16d1f166efff0de232e5b6bbf25cc7e56cf0d7aa2b6c1c

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jun 2024 09:21:41 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
pc-48159b72.css
gov.dreamplusgames.com/static/css/
29 KB
17 KB
Stylesheet
General
Full URL
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
48159b72bdcbef0a49b9c6fac81c1b60a8e392ff9e37ba9967df71dce44f6b7e

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2024 08:35:17 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
appsflyer.js
gov.dreamplusgames.com/
45 KB
45 KB
Script
General
Full URL
https://gov.dreamplusgames.com/appsflyer.js?v=1721611952565
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d62e6e40bc47cc6467c3cc03179f93929b0b93ad7fcecd3e4fe4c0c002fc4645

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:21:39 GMT
Server
nginx
ETag
"665d8b23-b425"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46117
/
cmp.dreamplusgames.com/ Frame CA48
3 KB
1 KB
Document
General
Full URL
https://cmp.dreamplusgames.com/
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/index-5d564805.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8005e9f62b20818daff6e59ab2141119dc24b523277fb14cc744827fb87adb04

Request headers

Referer
https://gov.dreamplusgames.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a6fad72ad8faaf7-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 Jul 2024 01:32:33 GMT
last-modified
Wed, 28 Feb 2024 12:04:04 GMT
server
cloudflare
vary
Accept-Encoding
get_activity_info
activity.dreamplusgames.com/api/mj/activity/ Frame
0
0
Preflight
General
Full URL
https://activity.dreamplusgames.com/api/mj/activity/get_activity_info?code=gov-mjapp-download&timestamp=1721611952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gov.dreamplusgames.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credential
true
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://gov.dreamplusgames.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a6fad730eeeabc7-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 Jul 2024 01:32:33 GMT
server
cloudflare
vary
Accept-Encoding
xdomainrequestallowed
1
banner-3d3d225d.png
gov.dreamplusgames.com/static/png/
196 KB
196 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/banner-3d3d225d.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3d3d225d744ca2fa08602fe62da07f4279685870daf1884f74183ee5be572885

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:25:49 GMT
Server
nginx
ETag
"665d8c1d-30f14"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200468
changeLang-b4a841ae.svg
gov.dreamplusgames.com/static/svg/
11 KB
12 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/svg/changeLang-b4a841ae.svg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b4a841aeb852766c652de7411cc6e3c91ce85d45dd87e5a05dd57a121ea10fb3

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Fri, 12 Jul 2024 08:35:42 GMT
Server
nginx
ETag
"6690eade-2d22"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11554
android-dc0d0fbd.png
gov.dreamplusgames.com/static/png/
6 KB
6 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/android-dc0d0fbd.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
dc0d0fbd6598f1b6cfaeb01e67814b6a1f79f99109553390844a7859859e98ee

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:25:47 GMT
Server
nginx
ETag
"665d8c1b-1824"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6180
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e9ecb934c62c15d3cc7ffa42de7412750ffd31a8fa3546fbd7ebb78bfa10d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
google-ed4db7d1.png
gov.dreamplusgames.com/static/png/
9 KB
9 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/google-ed4db7d1.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ed4db7d195c3733632401d8c5fb028ac9e90a3c0474783ca4fe247f49213a032

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:09 GMT
Server
nginx
ETag
"665d8c31-2201"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8705
gameDesc-4dca613b.png
gov.dreamplusgames.com/static/png/
785 KB
785 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/gameDesc-4dca613b.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4dca613b3118fe7ea02992e8b6b86c1938e35e708205ce351cc36404ea232aa7

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:06 GMT
Server
nginx
ETag
"665d8c2e-c435c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
803676
truncated
/
722 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99d86682c0182b4dfcbd13ad22a298a2e8db190a06e03773916e1e1952bae216

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
border-3ebbfa9d.png
gov.dreamplusgames.com/static/png/
4 KB
5 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/border-3ebbfa9d.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3ebbfa9de163198abbf566457c63e24179cc5e16ce3e5b0e2eb981ce6a54b544

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 08 Jul 2024 01:33:32 GMT
Server
nginx
ETag
"668b41ec-116a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4458
prize_border-39aae786.png
gov.dreamplusgames.com/static/png/
4 KB
4 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/prize_border-39aae786.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
39aae786694a8c4acbfb9d7f9012e09329c81ae3e5c7581b5f6f35c8b1467a47

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Tue, 25 Jun 2024 03:23:04 GMT
Server
nginx
ETag
"667a3818-1071"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4209
downloadBtn-00145ef0.png
gov.dreamplusgames.com/static/png/
32 KB
32 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/downloadBtn-00145ef0.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
00145ef06aaf25c6768bf920bcf76deeb1a3598ffcf070358c2b5cd0edf95f48

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Tue, 25 Jun 2024 03:23:03 GMT
Server
nginx
ETag
"667a3817-7eed"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32493
prizeBg-4675bc47.png
gov.dreamplusgames.com/static/png/
181 KB
182 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/prizeBg-4675bc47.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4675bc47f0bd4e7b362d6f8a58b45d73ed7cacb31b404eb35a54593ea7c9651e

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:37 GMT
Server
nginx
ETag
"665d8c4d-2d574"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
185716
rose1-1e216aec.png
gov.dreamplusgames.com/static/png/
34 KB
35 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/rose1-1e216aec.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
1e216aec61d05443ae59c982c0cab1fa2a34ac6cca9666cc96b6f03157388a44

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:40 GMT
Server
nginx
ETag
"665d8c50-89fc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35324
dialog-91f63189.png
gov.dreamplusgames.com/static/png/
23 KB
23 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/dialog-91f63189.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
91f631897b26a71eb7defaac6d7227d560905a5331a228982820a0ee34b3f5ab

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:25:56 GMT
Server
nginx
ETag
"665d8c24-5b10"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23312
rose2-3849c24b.png
gov.dreamplusgames.com/static/png/
100 KB
101 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/rose2-3849c24b.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3849c24bbe5a98246c62b504305e9adc5099d1f288b5bdd98d6435941d194ade

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:43 GMT
Server
nginx
ETag
"665d8c53-191c1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102849
icon-96f4250e.png
gov.dreamplusgames.com/static/png/
18 KB
18 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/icon-96f4250e.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
96f4250e99f14d28fd9491324aba79bd755642144592af97d6e95b875dae4826

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:27 GMT
Server
nginx
ETag
"665d8c43-48b9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18617
logo-en-4263f9e5.png
gov.dreamplusgames.com/static/png/
12 KB
12 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/logo-en-4263f9e5.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4263f9e5cfba81fb08c7b0633a252afcdde2d26cc609d829a869141b5a7592b9

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Mon, 03 Jun 2024 09:26:33 GMT
Server
nginx
ETag
"665d8c49-2f19"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12057
special-4951789d.png
gov.dreamplusgames.com/static/png/
42 KB
42 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/special-4951789d.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4951789d5aee4b537b9c06f2e99b8dd2d6416ebdaf52328e0db527746d2338e2

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:32 GMT
Last-Modified
Tue, 25 Jun 2024 03:23:05 GMT
Server
nginx
ETag
"667a3819-a647"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42567
1-ab150cd0.png
gov.dreamplusgames.com/static/png/
60 KB
60 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/1-ab150cd0.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ab150cd06f0de0133781684741061d2d65e3ccb3b2e929919f98026144f73665

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 08 Jul 2024 01:33:29 GMT
Server
nginx
ETag
"668b41e9-ee9d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61085
2-e03b772c.png
gov.dreamplusgames.com/static/png/
48 KB
48 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/2-e03b772c.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e03b772c10ba6a7e8d9c6e35eb9645d09f0343f0d173a37e29db88dd84bc6372

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 08 Jul 2024 01:33:31 GMT
Server
nginx
ETag
"668b41eb-bf3b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48955
3-59bcb484.png
gov.dreamplusgames.com/static/png/
37 KB
37 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/3-59bcb484.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
59bcb484e914b64878c8704f0f4c844c0ab79a8750c14aa4143bc70bbf421f2b

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Thu, 04 Jul 2024 02:59:10 GMT
Server
nginx
ETag
"66860ffe-92b3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37555
4-3eec82ba.png
gov.dreamplusgames.com/static/png/
39 KB
39 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/4-3eec82ba.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3eec82ba5040c4ad5456873f59aec4fbd0be8e8a3e3849456d3f762f7e4d5900

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Thu, 04 Jul 2024 02:59:11 GMT
Server
nginx
ETag
"66860fff-9c60"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40032
1-67e1674c.png
gov.dreamplusgames.com/static/png/
41 KB
41 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/1-67e1674c.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
67e1674c362cf31873bb1a37d7117712a598d8eb86e908cbca75038f622359bf

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:24:37 GMT
Server
nginx
ETag
"665d8bd5-a399"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41881
3-c89ef273.png
gov.dreamplusgames.com/static/png/
39 KB
39 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/3-c89ef273.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c89ef273970fd97d9ca4e64ff34dd6b4bacd2f9366862b150420f2cf128446eb

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:25:18 GMT
Server
nginx
ETag
"665d8bfe-9b93"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39827
1-a0c52486.jpg
gov.dreamplusgames.com/static/jpg/
236 KB
237 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/jpg/1-a0c52486.jpg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a0c52486bd99f143a061efd91b775238f7bf8a7971c215c9caf7eebd76b8a894

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:22:02 GMT
Server
nginx
ETag
"665d8b3a-3b12a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241962
2-6201bbf6.jpg
gov.dreamplusgames.com/static/jpg/
263 KB
263 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/jpg/2-6201bbf6.jpg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
6201bbf62d92b1c7cf1b1e26d1c5e67be10ac008658677e6bd17ca5deeaad95e

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:22:18 GMT
Server
nginx
ETag
"665d8b4a-41bf7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
269303
3-a83fd968.jpg
gov.dreamplusgames.com/static/jpg/
269 KB
269 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/jpg/3-a83fd968.jpg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a83fd96812dc2eb8182f14cb146f0524bfbdd30ab83f3f9c7e1df658e7d40b5a

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:22:44 GMT
Server
nginx
ETag
"665d8b64-43499"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
275609
4-5e278ed5.jpg
gov.dreamplusgames.com/static/jpg/
249 KB
250 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/jpg/4-5e278ed5.jpg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
5e278ed57acceb52bbe249f6e05bd1923219d2f8c0b800a518492044e47b75f7

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:23:02 GMT
Server
nginx
ETag
"665d8b76-3e5ea"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255466
5-ed96275a.jpg
gov.dreamplusgames.com/static/jpg/
309 KB
309 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/jpg/5-ed96275a.jpg
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ed96275a371f708ecac254dada8c1b0d288f775a2b6e9b8a0efd70028ec69dd3

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:24:01 GMT
Server
nginx
ETag
"665d8bb1-4d2b3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316083
get_activity_info
activity.dreamplusgames.com/api/mj/activity/
1 KB
716 B
XHR
General
Full URL
https://activity.dreamplusgames.com/api/mj/activity/get_activity_info?code=gov-mjapp-download&timestamp=1721611952
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/activityInfo-098ffb85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934054f1db4c3a1dc3642d064094e36f107ccef0ba690bd2ce4deb8a1f4c5a3e

Request headers

Accept
application/json, text/plain, */*
Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
xdomainrequestallowed
1
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-credential
true
access-control-max-age
86400
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gov.dreamplusgames.com
access-control-allow-credentials
true
cf-ray
8a6fad74c8f0abc7-YYZ
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
truncated
/
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cff06af7b19781f042ccc5ef9919182c4d7d0fa52c85a6e4b3ff0416caa2f735

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
245 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae0899f7525bc706cd00892e5acf0a315d7a62e7adaf9bf608fb30aefdbbdca5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
758964702804881
connect.facebook.net/signals/config/
58 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/758964702804881?v=2.9.162&r=stable&domain=gov.dreamplusgames.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e94d842f9b7a51dc06acf1fe6a78d03eb0c8db18af78f5e22ab455033b8b605f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 01:32:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=62, mss=1392, tbw=64158, tp=-1, tpl=-1, uplat=198, ullat=0
pragma
public
x-fb-debug
oWjlcj3yhKSSFNJ9TGgnh0nxeLINfZzqNN6MfvGaiS7oCp2hkMO5N/202LBlU85Vvl5UlVIJaYRJEyVv/n8lew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10437.Moi4cBUq-ieTeuiyC-f5vhHAhAazU5FRVuaQn1TohXgX4DQPmJ85uBfBFwTZsCc1.OJoIOmZXLY922yNgtYoJ8V0UnTU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10437.3Lr8sY2l8grLoHi-mnttNqFTJk754LKeTl2HIZ18YC4OrlZl0y69TgAyQ11826eV4eDZKwyyRPsrNwdB-G_AP1DKAlOZadhT4pyq4_mvg4WKpX3X9mBT7B-iXSEuW_uitr_t3iaFMz...
43 B
480 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10437.3Lr8sY2l8grLoHi-mnttNqFTJk754LKeTl2HIZ18YC4OrlZl0y69TgAyQ11826eV4eDZKwyyRPsrNwdB-G_AP1DKAlOZadhT4pyq4_mvg4WKpX3X9mBT7B-iXSEuW_uitr_t3iaFMzjRQB3HDyr10Gc9tB_5rCAf9zsmV5vKcdvMntbN6qsawyO2p6seY2n7NGtd69vg-x6_hAkPbzxTh8l-h9WfjUjdFIPkioc09Tg%2C.hZJTqYmkcFxPJMyzZMhOkVLfUfk%2C
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 01:32:34 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10437.3Lr8sY2l8grLoHi-mnttNqFTJk754LKeTl2HIZ18YC4OrlZl0y69TgAyQ11826eV4eDZKwyyRPsrNwdB-G_AP1DKAlOZadhT4pyq4_mvg4WKpX3X9mBT7B-iXSEuW_uitr_t3iaFMzjRQB3HDyr10Gc9tB_5rCAf9zsmV5vKcdvMntbN6qsawyO2p6seY2n7NGtd69vg-x6_hAkPbzxTh8l-h9WfjUjdFIPkioc09Tg%2C.hZJTqYmkcFxPJMyzZMhOkVLfUfk%2C
strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 01:32:33 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
619 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:34 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 18 Jul 2024 14:00:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66991fe6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 22 Jul 2024 02:32:34 GMT
polyfills-fb7e768b.js
cmp.dreamplusgames.com/static/js/ Frame CA48
73 KB
30 KB
Script
General
Full URL
https://cmp.dreamplusgames.com/static/js/polyfills-fb7e768b.js
Requested by
Host: cmp.dreamplusgames.com
URL: https://cmp.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c78df2facedcbcaad027d03cf837a3ea8c291624eebbf829293d79a87d1051c

Request headers

Referer
https://cmp.dreamplusgames.com/
Origin
https://cmp.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 12:04:00 GMT
server
cloudflare
etag
W/"65df2130-12485"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8a6fad747f25aaf7-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jul 2024 05:32:33 GMT
index-eb024d58.js
cmp.dreamplusgames.com/static/js/ Frame CA48
151 KB
57 KB
Script
General
Full URL
https://cmp.dreamplusgames.com/static/js/index-eb024d58.js
Requested by
Host: cmp.dreamplusgames.com
URL: https://cmp.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fdc0c834372a63dab4c08ae9fad5345276d4b5d2db56e78a30e1ce550c56bbc

Request headers

Referer
https://cmp.dreamplusgames.com/
Origin
https://cmp.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 12:03:52 GMT
server
cloudflare
etag
W/"65df2128-25aaf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8a6fad747f26aaf7-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jul 2024 05:32:33 GMT
index-88cd71cb.css
cmp.dreamplusgames.com/static/css/ Frame CA48
80 KB
37 KB
Stylesheet
General
Full URL
https://cmp.dreamplusgames.com/static/css/index-88cd71cb.css
Requested by
Host: cmp.dreamplusgames.com
URL: https://cmp.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88cd71cb64c7ad4f00a386021f9db5ff774ac02a6e9ee281ce5194db8cfcac8a

Request headers

Referer
https://cmp.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 09:17:45 GMT
server
cloudflare
etag
W/"65defa39-14182"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
8a6fad747f22aaf7-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jul 2024 05:32:33 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 68E9
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gov.dreamplusgames.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Mon, 22 Jul 2024 01:32:34 GMT
etag
"66991fe6-418"
expires
Mon, 22 Jul 2024 02:32:34 GMT
last-modified
Thu, 18 Jul 2024 14:00:06 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=23851A7D083E7F5A&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-ca&lo=0&rnd=1574032238&si=88fffb0f9afd943cdbfc833323c1de86&v=1.3.2&lv=1&sn=7503&r=0&ww=1600&u=https%3A%2F%2Fgov.dreamplusgames.com%2F&tt=Game%20of%20Vampires%3A%20Twilight%20Sun
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jul 2024 01:32:34 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf4f063bbb3fc95d81f46e32b6254b15029ae12ced739d2352e24eecbfd89857

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb90e8f3cead0d795711b9ab16f7e3c967d683d2811a457cdeee2c043fdaf22c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90e0727fd3eae9856f8e048891a357848248140da680be67ce49a28cdd310b94

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
discord_icon-68367104.png
gov.dreamplusgames.com/static/png/
8 KB
9 KB
Image
General
Full URL
https://gov.dreamplusgames.com/static/png/discord_icon-68367104.png
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/css/pc-48159b72.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
68367104920195be78277e0c54ce73dc895d144df6b858636d8eb384a688f19a

Request headers

Referer
https://gov.dreamplusgames.com/static/css/pc-48159b72.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:33 GMT
Last-Modified
Mon, 03 Jun 2024 09:25:59 GMT
Server
nginx
ETag
"665d8c27-21d9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8665
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbc22e02fbe8827caf0c4c3d64798311ff4e2121a4e2e8c7403b8f78f677b35d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9888f7e5e1b45545354950554c987a414ebb228d5a27c53f63cbd87c7465589c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b42007e69cbf8a8926b7c9e10f8a7e516817212ad7b98c33e808d8e12d2bd11

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
index-5eb15327.js
cmp.dreamplusgames.com/static/js/ Frame CA48
13 KB
5 KB
Script
General
Full URL
https://cmp.dreamplusgames.com/static/js/index-5eb15327.js
Requested by
Host: cmp.dreamplusgames.com
URL: https://cmp.dreamplusgames.com/static/js/index-eb024d58.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7907dac851ff34fd48516024027966b85fd8013c9d0434874df46cb085f3f4

Request headers

Referer
Origin
https://cmp.dreamplusgames.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 12:03:49 GMT
server
cloudflare
etag
W/"65df2125-3571"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8a6fad773934aba2-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jul 2024 05:32:33 GMT
index-47f13bf1.css
cmp.dreamplusgames.com/static/css/ Frame CA48
7 KB
2 KB
Stylesheet
General
Full URL
https://cmp.dreamplusgames.com/static/css/index-47f13bf1.css
Requested by
Host: cmp.dreamplusgames.com
URL: https://cmp.dreamplusgames.com/static/js/index-eb024d58.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f13bf1af2fcac6f0bfa0a9166517e8296606a2d9e40cec1d8084d45d733752

Request headers

Referer
https://cmp.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:33 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 09:17:43 GMT
server
cloudflare
etag
W/"65defa37-1cd1"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
8a6fad773935aba2-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Jul 2024 05:32:33 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=758964702804881&ev=PageView&dl=https%3A%2F%2Fgov.dreamplusgames.com%2F&rl=&if=false&ts=1721611953900&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721611953898.143639382995295314&ler=empty&cdl=API_unavailable&it=1721611952819&coo=false&rqm=GET
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Jul 2024 01:32:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=758964702804881&ev=PageView&dl=https%3A%2F%2Fgov.dreamplusgames.com%2F&rl=&if=false&ts=1721611953900&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721611953898.143639382995295314&ler=empty&cdl=API_unavailable&it=1721611952819&coo=false&rqm=FGET
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 22 Jul 2024 01:32:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394267039864633279", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=3092, tp=-1, tpl=-1, uplat=64, ullat=0
pragma
no-cache
x-fb-debug
Fj2crOVOsngNq0lwcJvrROF3Ui2Q7SwxBK5YEjheOMdb7AGLwTUur7v49lmNxoLFsVZyHYEYFt+9p2qlmD5hXg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394267039864633279"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Ip
public-tools.mjyx.com/api/
104 B
431 B
XHR
General
Full URL
https://public-tools.mjyx.com/api/Ip?app_id=99999&timestamp=1721611954&sign=bda54efd1150c8396303a32277108585
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/static/js/activityInfo-098ffb85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.248.121 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
121.248.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f3634f88b415e5e6e67f4b248626b99e56ee855313db459b00b924092f0821c

Request headers

Accept
application/json, text/plain, */*
Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:32:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, No-store, private
access-control-allow-credentials
true
access-control-allow-headers
accept-language,Keep-Alive,User-Agent,Cache-Control,Content-Type
content-length
112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1
mc.yandex.com/watch/97770422/
Redirect Chain
  • https://mc.yandex.com/watch/97770422?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.com/watch/97770422/1?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Aut...
464 B
784 B
Fetch
General
Full URL
https://mc.yandex.com/watch/97770422/1?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A1086394594687%3Ahid%3A578730230%3Az%3A-420%3Ai%3A20240721183233%3Aet%3A1721611953%3Ac%3A1%3Arn%3A688818374%3Arqn%3A1%3Au%3A1721611953782844584%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2096%3Awv%3A2%3Ads%3A0%2C413%2C222%2C1%2C0%2C0%2C%2C520%2C0%2C%2C%2C%2C1646%3Aco%3A0%3Acpf%3A1%3Ans%3A1721611950534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721611954%3At%3AGame%20of%20Vampires%3A%20Twilight%20Sun&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561856%29ti%281%29
Requested by
Host: gov.dreamplusgames.com
URL: https://gov.dreamplusgames.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0dc6e9866f72c6571db30136d96f02f1fa86713f5721fca998eb6900da835350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 01:32:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 22-Jul-2024 01:32:34 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gov.dreamplusgames.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
464
x-xss-protection
1; mode=block
expires
Mon, 22-Jul-2024 01:32:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jul 2024 01:32:34 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 22-Jul-2024 01:32:34 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
https://gov.dreamplusgames.com
location
/watch/97770422/1?wmode=7&page-url=https%3A%2F%2Fgov.dreamplusgames.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A1086394594687%3Ahid%3A578730230%3Az%3A-420%3Ai%3A20240721183233%3Aet%3A1721611953%3Ac%3A1%3Arn%3A688818374%3Arqn%3A1%3Au%3A1721611953782844584%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2096%3Awv%3A2%3Ads%3A0%2C413%2C222%2C1%2C0%2C0%2C%2C520%2C0%2C%2C%2C%2C1646%3Aco%3A0%3Acpf%3A1%3Ans%3A1721611950534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721611954%3At%3AGame%20of%20Vampires%3A%20Twilight%20Sun&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561856%29ti%281%29
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 22-Jul-2024 01:32:34 GMT
favicon.ico
gov.dreamplusgames.com/
4 KB
4 KB
Other
General
Full URL
https://gov.dreamplusgames.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.11.182.124 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
7e747dfd1ddb722a09c54c814340d3272e56459bbe25771f5bfdbea335dd9156

Request headers

Referer
https://gov.dreamplusgames.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:32:34 GMT
Last-Modified
Mon, 03 Jun 2024 09:21:40 GMT
Server
nginx
ETag
"665d8b24-10be"
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| ym function| gtag object| dataLayer object| googlefc object| _hmt object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters function| fbq function| _fbq boolean| __VUE__ object| __VUE_DEVTOOLS_PLUGINS__ boolean| __vite_is_modern_browser function| _iterableToArrayLimit function| ownKeys function| _objectSpread2 function| _typeof function| _defineProperty function| _slicedToArray function| _arrayWithHoles function| _unsupportedIterableToArray function| _arrayLikeToArray function| _nonIterableRest function| _toPrimitive function| _toPropertyKey string| AF_URL_SCHEME number| VALID_AF_URL_PARTS_LENGTH string| GOOGLE_CLICK_ID string| ASSOCIATED_AD_KEYWORD string| AF_KEYWORDS object| AF_CUSTOM_EXCLUDE_PARAMS_KEYS object| GCLID_EXCLUDE_PARAMS_KEYS object| LOCAL_STORAGE_VALUES function| isSkippedURL function| getGoogleClickIdParameters function| stringifyParameters function| getParameterValue function| isIOS function| isUACHSupported function| getQueryParamsAndSaveToLocalStorage function| isValidUrl function| getCurrentUrl function| getReferrerUrl function| isSameOrigin function| saveWebReferrer function| removeExpiredLocalStorageItems function| aggregateValuesFromParameters function| getCurrentURLParams function| isOneLinkURLValid function| validatedMs function| isSkipListsValid function| extractCustomParams function| validateAndMappedParams function| isPlatformValid function| getUserAgentData function| createImpressionsLink function| getHexColorAfterValidation function| QRCode string| version string| formatVersion string| oneLinkURL object| mediaSource object| campaign object| custom_ss_ui object| result object| AF_SMART_SCRIPT object| Ya object| yaCounter97770422 boolean| _bdhm_loaded_88fffb0f9afd943cdbfc833323c1de86

22 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: 6syslH6f1MhfaMQKaJLJSihemEGFf1zQoDdgvdCi9oMB/gG2IuaY/SFu0sZKVI479vzEIeYbWGmVPZMkc5IZuX+2Zqk=
.yandex.ru/ Name: yandexuid
Value: 7693435481721611952
.yandex.ru/ Name: yashr
Value: 6021784851721611952
.dreamplusgames.com/ Name: _ym_uid
Value: 1721611953782844584
.dreamplusgames.com/ Name: _ym_d
Value: 1721611953
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 23851A7D083E7F5A
.gov.dreamplusgames.com/ Name: Hm_lvt_88fffb0f9afd943cdbfc833323c1de86
Value: 1721611953
.gov.dreamplusgames.com/ Name: Hm_lpvt_88fffb0f9afd943cdbfc833323c1de86
Value: 1721611953
.gov.dreamplusgames.com/ Name: HMACCOUNT
Value: 23851A7D083E7F5A
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1943775886fake
.dreamplusgames.com/ Name: _fbp
Value: fb.1.1721611953898.143639382995295314
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1725518293fake
.dreamplusgames.com/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yuidss
Value: 7693435481721611952
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.com/ Name: i
Value: xolaaRD9GUVY+4H9SENjAOSwwSK4Ixdk+aVQfU2e9YV+6OPcbJPPjEDzdVpFhZI4UuSfKo4KOeE7XwD2ChCEjFrbEJg=
.yandex.com/ Name: yashr
Value: 457816601721611954
mc.yandex.com/ Name: yabs-sid
Value: 1554694421721611954
.yandex.com/ Name: yandexuid
Value: 7693435481721611952
.yandex.com/ Name: ymex
Value: 2036971954.yrts.1721611954
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCy7fa0Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.dreamplusgames.com
cmp.dreamplusgames.com
connect.facebook.net
gov.dreamplusgames.com
hm.baidu.com
mc.yandex.com
mc.yandex.ru
public-tools.mjyx.com
www.facebook.com
14.215.183.79
198.11.182.124
2606:4700::6812:d9e
2a02:6b8::1:119
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
35.244.248.121
00145ef06aaf25c6768bf920bcf76deeb1a3598ffcf070358c2b5cd0edf95f48
0dc6e9866f72c6571db30136d96f02f1fa86713f5721fca998eb6900da835350
1e216aec61d05443ae59c982c0cab1fa2a34ac6cca9666cc96b6f03157388a44
2c01ad25fa0068a6876742df36842e25f38166cb46390d787ee565ba7e216830
2c72048ee4f406eaff16d1f166efff0de232e5b6bbf25cc7e56cf0d7aa2b6c1c
2f3634f88b415e5e6e67f4b248626b99e56ee855313db459b00b924092f0821c
3849c24bbe5a98246c62b504305e9adc5099d1f288b5bdd98d6435941d194ade
39aae786694a8c4acbfb9d7f9012e09329c81ae3e5c7581b5f6f35c8b1467a47
3d3d225d744ca2fa08602fe62da07f4279685870daf1884f74183ee5be572885
3ebbfa9de163198abbf566457c63e24179cc5e16ce3e5b0e2eb981ce6a54b544
3eec82ba5040c4ad5456873f59aec4fbd0be8e8a3e3849456d3f762f7e4d5900
4263f9e5cfba81fb08c7b0633a252afcdde2d26cc609d829a869141b5a7592b9
4675bc47f0bd4e7b362d6f8a58b45d73ed7cacb31b404eb35a54593ea7c9651e
47f13bf1af2fcac6f0bfa0a9166517e8296606a2d9e40cec1d8084d45d733752
48159b72bdcbef0a49b9c6fac81c1b60a8e392ff9e37ba9967df71dce44f6b7e
4951789d5aee4b537b9c06f2e99b8dd2d6416ebdaf52328e0db527746d2338e2
4dca613b3118fe7ea02992e8b6b86c1938e35e708205ce351cc36404ea232aa7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59bcb484e914b64878c8704f0f4c844c0ab79a8750c14aa4143bc70bbf421f2b
5e278ed57acceb52bbe249f6e05bd1923219d2f8c0b800a518492044e47b75f7
6201bbf62d92b1c7cf1b1e26d1c5e67be10ac008658677e6bd17ca5deeaad95e
67e1674c362cf31873bb1a37d7117712a598d8eb86e908cbca75038f622359bf
68367104920195be78277e0c54ce73dc895d144df6b858636d8eb384a688f19a
6b42007e69cbf8a8926b7c9e10f8a7e516817212ad7b98c33e808d8e12d2bd11
6fdc0c834372a63dab4c08ae9fad5345276d4b5d2db56e78a30e1ce550c56bbc
71e28ccf2cc54e15230d31e89907e94ce72f64cd947622c7886a7fe72c0fc804
7e747dfd1ddb722a09c54c814340d3272e56459bbe25771f5bfdbea335dd9156
7e9ecb934c62c15d3cc7ffa42de7412750ffd31a8fa3546fbd7ebb78bfa10d1d
8005e9f62b20818daff6e59ab2141119dc24b523277fb14cc744827fb87adb04
88cd71cb64c7ad4f00a386021f9db5ff774ac02a6e9ee281ce5194db8cfcac8a
8c78df2facedcbcaad027d03cf837a3ea8c291624eebbf829293d79a87d1051c
90e0727fd3eae9856f8e048891a357848248140da680be67ce49a28cdd310b94
91f631897b26a71eb7defaac6d7227d560905a5331a228982820a0ee34b3f5ab
934054f1db4c3a1dc3642d064094e36f107ccef0ba690bd2ce4deb8a1f4c5a3e
955fc2ad0f270db94e51da0fb0cd50725df7bdb2c1d7e9d25d0a98f0bf1f6359
96f4250e99f14d28fd9491324aba79bd755642144592af97d6e95b875dae4826
976e76b64cb323c54359d20d1032941c808251abbbb09a4e81ee9518cb3cb24f
9888f7e5e1b45545354950554c987a414ebb228d5a27c53f63cbd87c7465589c
99d86682c0182b4dfcbd13ad22a298a2e8db190a06e03773916e1e1952bae216
9fc0f105fe1e12a87554e5973a997446b02184422130d16e261e020707d1af5a
a0c52486bd99f143a061efd91b775238f7bf8a7971c215c9caf7eebd76b8a894
a83fd96812dc2eb8182f14cb146f0524bfbdd30ab83f3f9c7e1df658e7d40b5a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab150cd06f0de0133781684741061d2d65e3ccb3b2e929919f98026144f73665
ab7907dac851ff34fd48516024027966b85fd8013c9d0434874df46cb085f3f4
ac6ecc05635cf29b8ce6c352917746bdcdeaa23b2f0d0fd89e25bd09c8542d56
ae0899f7525bc706cd00892e5acf0a315d7a62e7adaf9bf608fb30aefdbbdca5
b4a841aeb852766c652de7411cc6e3c91ce85d45dd87e5a05dd57a121ea10fb3
bf4f063bbb3fc95d81f46e32b6254b15029ae12ced739d2352e24eecbfd89857
c89ef273970fd97d9ca4e64ff34dd6b4bacd2f9366862b150420f2cf128446eb
cb90e8f3cead0d795711b9ab16f7e3c967d683d2811a457cdeee2c043fdaf22c
cbc22e02fbe8827caf0c4c3d64798311ff4e2121a4e2e8c7403b8f78f677b35d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff06af7b19781f042ccc5ef9919182c4d7d0fa52c85a6e4b3ff0416caa2f735
d62e6e40bc47cc6467c3cc03179f93929b0b93ad7fcecd3e4fe4c0c002fc4645
dc0d0fbd6598f1b6cfaeb01e67814b6a1f79f99109553390844a7859859e98ee
e03b772c10ba6a7e8d9c6e35eb9645d09f0343f0d173a37e29db88dd84bc6372
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94d842f9b7a51dc06acf1fe6a78d03eb0c8db18af78f5e22ab455033b8b605f
e99ff429d11894d631c7c53e55c66b178b3c7ed2e4a38594d29b15c4c0b714cc
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ed4db7d195c3733632401d8c5fb028ac9e90a3c0474783ca4fe247f49213a032
ed96275a371f708ecac254dada8c1b0d288f775a2b6e9b8a0efd70028ec69dd3
fdd9c386d6466e06ecffe442c7b3217da67eff9cb6295cdb719a4d4d2d8b6d13