win-halo.link-oke.click Open in urlscan Pro
172.67.160.90  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response win-halo.link-oke.click/	78 KB 16 KB	366ms 320ms	Document text/html	172.67.160.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 549aacf3a12e204d376af9c1d41ee676a9bfd406f4acbdf7aed022d262ece999 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f9bb9414c0fd2c6-FRA content-encoding zstd content-type text/html date Sun, 29 Dec 2024 18:06:23 GMT last-modified Sun, 29 Dec 2024 12:51:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idvrobjfzN8mUNBwlaSHJlY8nYF51qPt2K%2FR%2B%2FN7IcVF45iyn%2Fktbju9eas8ubWyrZ2XWL7eoJCi3aUKtcjzA5tc5fxYmbHpmOHRZoICdfcm59WfXZhV%2FLj9AlTX3xHy43CrI6zLtWxNDA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=16287&min_rtt=10756&rtt_var=6471&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4177&recv_bytes=4489&delivery_rate=577&cwnd=12000&unsent_bytes=0&cid=1c1754972dc01f29&ts=315&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/v0/	110 KB 32 KB	236ms 111ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 338328dedc97f4e8af0f96a11f4277add199f68669d1538cf9bb00e7d7e4761d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "0fb6a320dcd73fbe" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 32184 x-xss-protection 0 server sffe
GET H3	200	logo-halobet.webp hlt.asets.click//logo/	3 KB 4 KB	125ms 29ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hlt.asets.click//logo/logo-halobet.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 531c367b59836a3e4af45f28df4a9bc9669b3dea4a313a26f1abb5cfa016f40c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "c8c-651abde6-c18e0;;;" age 18886 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfbY7h%2FEA7NpjEo88I8cXcXJxRXpaCs%2FyMGfEPBCVrwXn%2FU015xeiHtl7YEqIkVKTzg7vLHGWwt2vAo7hBkGs5lquqXVsnCHL1exWWXaibtnkTqnpA%2FDL9w0HyoQlNypnhY%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 04 Dec 2024 23:19:32 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=10162&min_rtt=10065&rtt_var=3843&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4366&delivery_rate=253452&cwnd=12000&unsent_bytes=0&cid=683888a9fc04e1da&ts=87&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/webp last-modified Mon, 02 Oct 2023 12:56:06 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9441e92dba5-FRA accept-ranges bytes content-length 3212 server cloudflare
GET H3	200	bonus-live-casino-badakbet.jpg asets.click/bdk/bm/	185 KB 186 KB	135ms 39ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/bdk/bm/bonus-live-casino-badakbet.jpg Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43632b353e0b91b9a25a89f1dd389e810a8e41215d5f519fc1ca404d6324151c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "2e4ac-65ddc5f4-c19e0;;;" age 261525 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1PWgRCvgU2ZaptHlR82x%2F%2BOGE4p3P%2FmVrCdBzlu2GBm5StKJhy5jhwetVc%2BVjoqN7bwJo4YT9c7xbRZoP1X3GjnjdR6rdsT5SSs%2FsxsTp2x72u647%2B4TxJc7kq5uQ%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 29 Dec 2024 09:13:54 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8882&min_rtt=8686&rtt_var=3397&sent=13&recv=9&lost=0&retrans=0&sent_bytes=6249&recv_bytes=4726&delivery_rate=224990&cwnd=12000&unsent_bytes=0&cid=ba8e330155a5f97e&ts=85&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/jpeg last-modified Tue, 27 Feb 2024 11:22:28 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9441e461e4c-FRA accept-ranges bytes content-length 189612 server cloudflare
GET H3	200	pragmaticplay.webp asets.click/provider-icon/	1 KB 2 KB	133ms 37ms	Image image/webp	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/provider-icon/pragmaticplay.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd53d212dc016750c318fc053f4ee98d38991b9f4f67d5771ba0ed1ed4cdd7dd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "4ec-65ddfee3-c19ef;;;" age 110798 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWY9x4KPUrHZ8HNz8pnMkvP8XI0YJXHUdH4IRH%2BJb%2FlRijyWi%2BSJndNAWE%2FCyKu1lH5TbqGCio92tWnmmX4rVU0I2RDMlhOKNu7s2vcv70Lq68lrWKKmGVOWovkNHA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 08 Dec 2024 01:18:38 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8882&min_rtt=8686&rtt_var=3397&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4726&delivery_rate=224990&cwnd=12000&unsent_bytes=0&cid=ba8e330155a5f97e&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/webp last-modified Tue, 27 Feb 2024 15:25:23 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9441e481e4c-FRA accept-ranges bytes content-length 1260 server cloudflare
GET H2	200	amp-twitter-0.1.js Show response cdn.ampproject.org/v0/	19 KB 7 KB	224ms 103ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-twitter-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98091fbd930303d762bac99e29cfb2cb4dc8e99417eae7cc9619bee0b0bbfc06 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "03cfabae62d446e6" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 7191 x-xss-protection 0 server sffe
GET H2	200	amp-iframe-0.1.js Show response cdn.ampproject.org/v0/	25 KB 9 KB	227ms 106ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-iframe-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "77dcc70a0a78da30" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 8921 x-xss-protection 0 server sffe
GET H2	200	amp-carousel-0.1.js Show response cdn.ampproject.org/v0/	38 KB 11 KB	279ms 158ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-carousel-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "9925a53ff9d805bc" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 11524 x-xss-protection 0 server sffe
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	173ms 53ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "6cd5bd85d22351ce" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=3000, stale-while-revalidate=1206600 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 73112 x-xss-protection 0 server sffe
GET H2	200	amp-sidebar-0.1.js Show response cdn.ampproject.org/v0/	31 KB 9 KB	282ms 162ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-sidebar-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "e8f022bde01b1e0a" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 9629 x-xss-protection 0 server sffe
GET H2	200	amp-position-observer-0.1.js Show response cdn.ampproject.org/v0/	10 KB 4 KB	180ms 178ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-position-observer-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dcb93840695b301a1748277b0354f10298e04cd834512d3af2cb17e6ad9ddabb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "947b4329f166920d" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 3686 x-xss-protection 0 server sffe
GET H2	200	amp-animation-0.1.js Show response cdn.ampproject.org/v0/	82 KB 19 KB	181ms 179ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-animation-0.1.js Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44a6935eb5366847873e657029231d032986994916b8897da60317f9bde6abc0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "c9e778cac6ff2099" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 29 Dec 2024 18:06:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:23 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 18999 x-xss-protection 0 server sffe
GET H3	200	whatsapp.gif x-cdn.id/images/	51 KB 52 KB	433ms 86ms	Image image/gif	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://x-cdn.id/images/whatsapp.gif Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1aa3598e3effa3c9be12f72b0b383b47e0b86c5e284a1d8fd204b131af1d9717 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "cc7c-65086a7c-fe2dc;;;" age 417415 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xD1ordf0ILJ9oS521GFBClTOR3JHL023YeZAdbzds12R1BQ3SUBHRCrVzetWYvZIKHt5A4ji6PoawvtMb1zALEArXc8F1ne%2FMd9ZDzUSf1UHYKfyb1HSOGnrUQ%3D%3D"}],"group":"cf-nel","max_age":604800} expires Thu, 05 Dec 2024 23:27:59 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=70097&min_rtt=70078&rtt_var=26317&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4368&delivery_rate=45269&cwnd=12000&unsent_bytes=0&cid=5c1609c7376cdb37&ts=340&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/gif last-modified Mon, 18 Sep 2023 15:19:24 GMT vary Accept-Encoding priority u=1,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb947ff3830f0-FRA accept-ranges bytes content-length 52348 server cloudflare
GET H3	200	app.gif asets.click/amp/	249 KB 250 KB	80ms 76ms	Image image/gif	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/amp/app.gif Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 026a3546356c9742f7d248f0d12fbdf285f10f4bbe9742ee712c648cbb60a006 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "3e3b6-673c8dcb-c2636;;;" age 708 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePnOZ8C%2F%2BiAI7mxXxLbHFk7JAGMrZUf5wODHcTHaxumVJZRaZYQc9kiqdulcGfXR6%2Feoc6yyi21v5zBpgQg%2F%2FiQvUU9a9TrqGUpJIsS5%2BWj2AJmf0ViQs9RE5HBVxA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 26 Nov 2024 13:09:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37852&min_rtt=8686&rtt_var=2869&sent=191&recv=72&lost=0&retrans=0&sent_bytes=201322&recv_bytes=7788&delivery_rate=1091398&cwnd=53400&unsent_bytes=0&cid=ba8e330155a5f97e&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/gif last-modified Tue, 19 Nov 2024 13:08:27 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb945dfb11e4c-FRA accept-ranges bytes content-length 254902 server cloudflare
GET H3	200	vs20mtreasure.webp static.rtpdb.com/game/slots/PP/	21 KB 22 KB	583ms 171ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vs20mtreasure.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0188c81ca335f8d2ddbd8dd80d0aa59709c2496a88859c5a35218f515be4202b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "54d0-6720a24e-c3259;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7PS%2FpyhpM%2FEx%2F4QloCp5myXcNA8RMZ6Lo2uG%2Fpe%2FyyUV2PL0KrOt7aueJibD4kB9Izchj%2F4zbKQYjvNfCSZp0rRLifpUHywWBGNRwl7cZhuuQjlOkocOQtvxKrzWKB30xTB"}],"group":"cf-nel","max_age":604800} expires Tue, 12 Nov 2024 09:21:34 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=21&recv=13&lost=0&retrans=0&sent_bytes=15454&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=402&x=1", cfExtPri, cfHdrFlush;dur=70 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:52:30 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a914d58-FRA accept-ranges bytes content-length 21712 server cloudflare
GET H3	200	vs20schristmas.webp static.rtpdb.com/game/slots/PP/	20 KB 21 KB	575ms 163ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vs20schristmas.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e86e5ef66a5b5006e64ab717e63d99fc098bde11d81dc86c1872a65a99e6d35 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "50ba-6720a20a-c326b;;;" age 708 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tgwuj0%2FjzOC0b7pvnuX3lk%2BNiZbrYCGhl9C6rmS%2F7iAxhH%2F0EW5Jo9gtf%2Bg80H1Nk8MTeSa%2BB2B2RwJZJnAO3fw89Eo51wfu%2BFAbRCCx%2BI%2Bd%2B5wFCl%2BCHxdthHrrTO267dEX"}],"group":"cf-nel","max_age":604800} expires Tue, 05 Nov 2024 08:57:07 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=21&recv=13&lost=0&retrans=0&sent_bytes=15454&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=396&x=1", cfExtPri, cfHdrFlush;dur=76 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:51:22 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a904d58-FRA accept-ranges bytes content-length 20666 server cloudflare
GET H3	200	vs25kfruit.webp static.rtpdb.com/game/slots/PP/	21 KB 22 KB	501ms 89ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vs25kfruit.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cc59162fa62ce1532f1f7826f219b8c8247d03a962245dcd53265e0c11ce8a3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "547c-6720a229-c32a2;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEhuTbRXqbc6H%2BGo10evT5YhgCEcfJrK0%2F37Uv3%2B6kwdez7k2C1ysT0Mzgu%2BKCseUjGYOUx%2FvMXWTu53Z3%2FwwKTDSenabZdOCYCdSTm%2FQCl0j2Ma4lcXZiDQzfP6oA1ra6f%2F"}],"group":"cf-nel","max_age":604800} expires Wed, 01 Jan 2025 05:41:15 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4037&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=395&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:51:53 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a8f4d58-FRA accept-ranges bytes content-length 21628 server cloudflare
GET H2	200	vs20gatotgates.jpg d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/	15 KB 16 KB	1173ms 756ms	Image image/jpeg	2600:9000:2644:600:9:5fa:1f00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1bnhxh1olb98c.cloudfront.net/Images/providers/PP/vs20gatotgates.jpg?v=20240219 Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2644:600:9:5fa:1f00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash f30f08084ce92b0b1970d93f068845a6dc6c855f51d722cd4fdd842c2cdd3c76 Security Headers Name Value Strict-Transport-Security max-age=15552001; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status BYPASS etag "0659dceca10d91:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QggaG2G0vd8%2FJyWOkW%2BSLk7pMkxpQdKR53B3V6i8dNwJg1ayo96ZoqZ7oWAQQpS1%2BSTQeRJjAFz4EmJ%2BTfeKbVvHXWU2jqEldW4y4WC4CxdskfCRIX4u2jtng1rKBFeD"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff server-timing cfL4;desc="?proto=TCP&rtt=1893&min_rtt=1879&rtt_var=715&sent=3&recv=7&lost=0&retrans=0&sent_bytes=147&recv_bytes=872&delivery_rate=770622&cwnd=250&unsent_bytes=0&cid=b53ff2c85465876d&ts=96&x=0" x-cache Miss from cloudfront x-amz-cf-id FDX0bacKxMeKFnP6uuDctoHkRCs8mEHA-xJgGk9n92LrJJDHJVZS7w== date Sun, 29 Dec 2024 18:06:24 GMT content-type image/jpeg last-modified Thu, 15 Dec 2022 21:18:42 GMT strict-transport-security max-age=15552001; includeSubDomains; preload cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront) cf-ray 8f9bb94afececdde-SIN accept-ranges bytes content-length 14856 x-xss-protection 1; mode=block x-amz-cf-pop FRA60-P6 server cloudflare
GET H3	200	vs20asgard.webp static.rtpdb.com/game/slots/PP/	19 KB 19 KB	587ms 175ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vs20asgard.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e01b3c4bdfdd0873c9115d9df47c0628528c8ace960bad3255b175000e13785a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "4b02-6720a240-c3225;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8Xd8g%2FWkmYcD7ou9rBYtk%2BgQPlCqWtqZFhfmDqcrnuhMcap2h%2FTcyoNrtFFeMhY6Yi3WCx7SRlygfFZAKzBJM8NaqwG%2BcJWmATN7yVCW6up4co%2BIvWNmChdM7PjesKYL4VZ"}],"group":"cf-nel","max_age":604800} expires Sun, 05 Jan 2025 07:41:40 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=21&recv=13&lost=0&retrans=0&sent_bytes=15454&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=396&x=1", cfExtPri, cfHdrFlush;dur=76 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:52:16 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a934d58-FRA accept-ranges bytes content-length 19202 server cloudflare
GET H3	200	vswaysfrywld.webp static.rtpdb.com/game/slots/PP/	18 KB 19 KB	577ms 166ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vswaysfrywld.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fef7b80a6b7099cf08d8366eaaa34cba4c2a1f2df6c933162a06ea557b570111 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "48e2-6720a209-c330c;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0VZpIkTptB1a5jApSVfENbLiL9naViOn3XFxhSzaNcwSLVXB8WGl8u%2FfwndL8G9cNuzvNOGvubyrDxdcRWCN2D76aDD6Dv80jZvuW32bx7IwNNFf1efkvz8Wj0GzIBB0hfb"}],"group":"cf-nel","max_age":604800} expires Sun, 05 Jan 2025 06:34:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=21&recv=13&lost=0&retrans=0&sent_bytes=15454&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=397&x=1", cfExtPri, cfHdrFlush;dur=75 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:51:21 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a954d58-FRA accept-ranges bytes content-length 18658 server cloudflare
GET H3	200	vs20swordofares.webp static.rtpdb.com/game/slots/PP/	19 KB 20 KB	579ms 167ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vs20swordofares.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca6013c35c9bc40a67c1a948b221a495aac5f48350f2b3fda22f26fb045dd592 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "4bce-6720a227-c3276;;;" age 710 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaQYOV8gy94D2VzQUX1z0E9Uq8k3%2BqFZ%2BhLeGqAVbsgHvYiYpbBKdtFkQV%2FB%2BuQ0M20fRXPXagQZMRwATa8yD0O2EJpwNPYfUa58i8MbEctZw1gyGeKFxNn2FsbuX6rfrN2i"}],"group":"cf-nel","max_age":604800} expires Tue, 05 Nov 2024 10:17:47 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=74769&min_rtt=74507&rtt_var=28127&sent=21&recv=13&lost=0&retrans=0&sent_bytes=15454&recv_bytes=6151&delivery_rate=40608&cwnd=12000&unsent_bytes=0&cid=4dc1504b21ce8492&ts=408&x=1", cfExtPri, cfHdrFlush;dur=64 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Tue, 29 Oct 2024 08:51:51 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9486a964d58-FRA accept-ranges bytes content-length 19406 server cloudflare
GET H3	200	vsprg10cfire.webp static.rtpdb.com/game/slots/PP/	17 KB 18 KB	110ms 110ms	Image image/webp	172.67.215.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.rtpdb.com/game/slots/PP/vsprg10cfire.webp Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.158 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c909ea0c9e8dd6b1cdb6b5910663d34fcbf9b4839822577d5c3598ed0b3fc12 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "455e-65ece8b6-c32f2;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uPOFEq78ltsWJoIHYmk5%2FuLz4D5j0TzsCNiMrMId7SA3yDHOpWcDYZYVRPnvWXQgLy0KbBP%2FCucU32oQKTLTkv3iBqLWH5jUe7FXALBQOfiSiYltktuPB054rRSnJszsR5K"}],"group":"cf-nel","max_age":604800} expires Sun, 05 Jan 2025 08:40:50 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=75122&min_rtt=62064&rtt_var=1818&sent=76&recv=32&lost=0&retrans=0&sent_bytes=76678&recv_bytes=7284&delivery_rate=306288&cwnd=37200&unsent_bytes=0&cid=4dc1504b21ce8492&ts=572&x=1", cfExtPri, cfHdrFlush;dur=35 date Sun, 29 Dec 2024 18:06:24 GMT content-type image/webp last-modified Sat, 09 Mar 2024 22:54:46 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9498b614d58-FRA accept-ranges bytes content-length 17758 server cloudflare
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012410292120000/v0/	8 KB 3 KB	188ms 57ms	Script text/javascript	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://win-halo.link-oke.click Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "f0f2b169fa87a905" age 143440 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 28 Dec 2025 02:15:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 28 Dec 2024 02:15:43 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 2970 x-xss-protection 0 server sffe
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012410292120000/v0/	12 KB 4 KB	188ms 66ms	Script text/javascript	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://win-halo.link-oke.click Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "b22012622c63a36b" age 143440 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 28 Dec 2025 02:15:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 28 Dec 2024 02:15:43 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 3929 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated /	152 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	149 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	event-mini-game-halobet.jpg asets.click/hlt/bd/	190 KB 191 KB	73ms 72ms	Image image/jpeg	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/hlt/bd/event-mini-game-halobet.jpg Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c38f155f9b0bddf45be9d4e0eec5bb077890fa0e5b99b96fd7621853119ecd6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "2f887-65de1af7-c19f5;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2E14iVvU66ODpmACrhHbrIxLOdks%2BVHTQgQsC8mVGZCVkXuQ73%2F%2BmhOxXurAQIcb7HnTXWsbSwn9lYFRP7pbcVMH8WWwAGLzSZ3%2BqF8hgh1TPz4M23ydSWKKVYj5FA%3D%3D"}],"group":"cf-nel","max_age":604800} expires Sun, 11 Aug 2024 16:10:43 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37852&min_rtt=8686&rtt_var=2869&sent=237&recv=75&lost=0&retrans=0&sent_bytes=254747&recv_bytes=8843&delivery_rate=1091398&cwnd=53400&unsent_bytes=0&cid=ba8e330155a5f97e&ts=418&x=1", cfExtPri, cfHdrFlush;dur=12 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/jpeg last-modified Tue, 27 Feb 2024 17:25:11 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9463ff31e4c-FRA accept-ranges bytes content-length 194695 server cloudflare
GET H3	200	aplikasi-halobet.png asets.click/amp/	112 KB 113 KB	75ms 74ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/amp/aplikasi-halobet.png Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a7bf2f9562b8bd9dca77af73c6b60e5ece72a0060439d2d18ce9ba63def1d3f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "1c0af-673c8ddd-c2638;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uE3BywKCSuOBP2oTzgKquMQCkdqVdZ1apjGXvF8di%2BBbDL2aXTF3v2qgx%2BY3Po3fbWhYtSlWPxYOH%2FW6Sk84di%2BIegoetSL7FGzJfiPWxwGl5Pc80BhrOCFNVDhXmw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Fri, 06 Dec 2024 07:17:49 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37852&min_rtt=8686&rtt_var=2869&sent=237&recv=75&lost=0&retrans=0&sent_bytes=254747&recv_bytes=8843&delivery_rate=1091398&cwnd=53400&unsent_bytes=0&cid=ba8e330155a5f97e&ts=418&x=1", cfExtPri, cfHdrFlush;dur=15 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/png last-modified Tue, 19 Nov 2024 13:08:45 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9463ff41e4c-FRA accept-ranges bytes content-length 114863 server cloudflare
GET H3	200	Banner-Halobet-IP.png asets.click/hlt/banner/	631 KB 632 KB	75ms 74ms	Image image/png	188.114.97.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://asets.click/hlt/banner/Banner-Halobet-IP.png Requested by Host: win-halo.link-oke.click URL: https://win-halo.link-oke.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3989d8c083312d3366401b52e5ad77b297bfb10b1d0f538653d383352adb2e8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "9dce0-65de1a0b-c19f1;;;" age 709 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtJLMaTBgUvfQM27hSpryrvFDxv5XXJsz2RXXa4Gy%2FdEJXpmxDv6MgIbezf9Ayur1oXrdV8QxJTAwHI3HXehFm7BPpN4XEJRbbRXpD8dBL6SZfYbz6LU0fOlzJ7QQw%3D%3D"}],"group":"cf-nel","max_age":604800} expires Wed, 06 Nov 2024 16:05:33 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37852&min_rtt=8686&rtt_var=2869&sent=237&recv=75&lost=0&retrans=0&sent_bytes=254747&recv_bytes=8843&delivery_rate=1091398&cwnd=53400&unsent_bytes=0&cid=ba8e330155a5f97e&ts=421&x=1", cfExtPri, cfHdrFlush;dur=12 date Sun, 29 Dec 2024 18:06:23 GMT content-type image/png last-modified Tue, 27 Feb 2024 17:21:15 GMT vary Accept-Encoding priority u=3,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9463ff51e4c-FRA accept-ranges bytes content-length 646368 server cloudflare
GET H3	200	googleanalytics.json Show response cdn.ampproject.org/rtv/012410292120000/v0/analytics-vendors/	2 KB 886 B	94ms 92ms	Fetch application/json	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012410292120000/v0/analytics-vendors/googleanalytics.json Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json Referer https://win-halo.link-oke.click/ Response headers content-encoding br etag "60c029e4f6a78e4b" age 87491 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Sun, 28 Dec 2025 17:48:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 28 Dec 2024 17:48:13 GMT content-type application/json vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 856 x-xss-protection 0 server sffe
GET H3	200	ga4.json Show response amp.analytics-debugger.com/	7 KB 3 KB	496ms 205ms	Fetch application/json	104.21.32.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwin-halo.link-oke.click Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json Referer https://win-halo.link-oke.click/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=86400 content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPmebSBED80y95N6mI7vq%2FqrlxXroBlppB5hR1FrXEJdnUGFtrs%2B3jcO8R1JIbFdH2x00zm69UFmTCoPX25aIpOYy3aVynldsLhoRqR6WeP%2Bqu1Hboa2bgRoz2dnGrbujZY9AyC7cjmbd1y%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800} x-debug-em-all-ga4amp-version 20230607 access-control-allow-credentials true cf-ray 8f9bb94e499fbb3d-FRA access-control-allow-origin https://win-halo.link-oke.click alt-svc h3=":443"; ma=86400 date Sun, 29 Dec 2024 18:06:25 GMT content-type application/json; charset=utf-8 vary Accept-Encoding server cloudflare last-modified Sun, 29 Dec 2024 18:06:25 GMT
GET H2	200	amp.json Show response www.googletagmanager.com/	2 KB 1 KB	460ms 109ms	Fetch application/json	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/amp.json?id=GTM-KSVXFXM&gtm.url=https%3A%2F%2Fwin-halo.link-oke.click%2F&__amp_source_origin=https%3A%2F%2Fwin-halo.link-oke.click Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0837900ff03ad9c1b88cb96f5227139a4d10d312a36902652152fb4a74828d0b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json Referer https://win-halo.link-oke.click/ Response headers access-control-expose-headers AMP-Access-Control-Allow-Source-Origin content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1033:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:25 GMT content-type application/json; charset=UTF-8 content-disposition attachment; filename="GTM-KSVXFXM.json" vary * strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1033:0 amp-access-control-allow-source-origin https://win-halo.link-oke.click access-control-allow-origin https://win-halo.link-oke.click cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 646 x-xss-protection 0 server Google Tag Manager
GET H2	200	collect www.google-analytics.com/r/	35 B 603 B	537ms 77ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=a1&gtm=45Le4cc1&ds=AMP&aip=true&_s=1&dt=Halobet%3A%20Pilihan%20Terbaik%20Taruhan%20Judi%20Slot%20Online%20Saat%20Ini&sr=1600x1200&_utmht=1735495585216&cid=amp-Tm8wSKiwG9qy7p2kUcTZ1Q&tid=UA-251543991-1&dl=https%3A%2F%2Fwin-halo.link-oke.click%2F&dr=&sd=24&ul=de-de&de=UTF-8&jid=0.6763667635783226&t=pageview&_r=1&a=7643&z=0.9705864931526584 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],} x-content-type-options nosniff content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 35 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:25 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif server Golfe2
POST H2	204	collect region1.google-analytics.com/g/	0 549 B	880ms 98ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-Z3ZM9565J2&ds=AMP&_p=7643&cid=amp-Tm8wSKiwG9qy7p2kUcTZ1Q&ul=de-de&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwin-halo.link-oke.click%2F&dr=&dt=Halobet%3A%20Pilihan%20Terbaik%20Taruhan%20Judi%20Slot%20Online%20Saat%20Ini&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1735495585&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=win-halo.link-oke.click Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://win-halo.link-oke.click/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://win-halo.link-oke.click cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Dec 2024 18:06:26 GMT content-type text/plain server Golfe2
GET H3	200	Favicon-Halobet.png hlt.asets.click/logo/	20 KB 21 KB	112ms 112ms	Other image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hlt.asets.click/logo/Favicon-Halobet.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a37fd3f0d96a08f2bb0a884655f620d523286a4ceffe592fffe41bcc30d48239 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://win-halo.link-oke.click/ Response headers cf-cache-status HIT etag "4fac-651c2873-c1940;;;" age 77256 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcHSj2oHcADYSfSYcTf6D9pwQ8TDQGDj%2FhOI1bFquNu6cMnQUcHK1P7IAfh2%2F%2FJgG6NJsVOGaJ4bMfqQjsFUP2sR%2Fe9mSdnYkSiopNv7uzHtcWN382VM%2Fno91U6F1w7Jta0%3D"}],"group":"cf-nel","max_age":604800} expires Tue, 09 Apr 2024 19:50:12 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=17699&min_rtt=10065&rtt_var=9872&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8323&recv_bytes=4944&delivery_rate=80425&cwnd=12000&unsent_bytes=0&cid=683888a9fc04e1da&ts=2068&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 29 Dec 2024 18:06:25 GMT content-type image/png last-modified Tue, 03 Oct 2023 14:42:59 GMT vary Accept-Encoding priority u=1,i cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f9bb9507f59dba5-FRA accept-ranges bytes content-length 20396 server cloudflare

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.link-oke.click/	1970-01-21 10:50:31	Name: _ga Value: amp-Tm8wSKiwG9qy7p2kUcTZ1Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://win-halo.link-oke.click/ Message: The resource https://asets.click/bdk/bm/bonus-live-casino-badakbet.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.analytics-debugger.com
asets.click
cdn.ampproject.org
d1bnhxh1olb98c.cloudfront.net
hlt.asets.click
region1.google-analytics.com
static.rtpdb.com
win-halo.link-oke.click
www.google-analytics.com
www.googletagmanager.com
x-cdn.id
104.21.32.1
142.250.186.129
172.67.160.90
172.67.215.158
188.114.96.3
188.114.97.3
188.114.97.9
2001:4860:4802:34::36
2600:9000:2644:600:9:5fa:1f00:21
2a00:1450:4001:811::2001
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
0188c81ca335f8d2ddbd8dd80d0aa59709c2496a88859c5a35218f515be4202b
026a3546356c9742f7d248f0d12fbdf285f10f4bbe9742ee712c648cbb60a006
0837900ff03ad9c1b88cb96f5227139a4d10d312a36902652152fb4a74828d0b
0cc59162fa62ce1532f1f7826f219b8c8247d03a962245dcd53265e0c11ce8a3
1aa3598e3effa3c9be12f72b0b383b47e0b86c5e284a1d8fd204b131af1d9717
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2c38f155f9b0bddf45be9d4e0eec5bb077890fa0e5b99b96fd7621853119ecd6
2c909ea0c9e8dd6b1cdb6b5910663d34fcbf9b4839822577d5c3598ed0b3fc12
338328dedc97f4e8af0f96a11f4277add199f68669d1538cf9bb00e7d7e4761d
3989d8c083312d3366401b52e5ad77b297bfb10b1d0f538653d383352adb2e8a
43632b353e0b91b9a25a89f1dd389e810a8e41215d5f519fc1ca404d6324151c
44a6935eb5366847873e657029231d032986994916b8897da60317f9bde6abc0
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
531c367b59836a3e4af45f28df4a9bc9669b3dea4a313a26f1abb5cfa016f40c
549aacf3a12e204d376af9c1d41ee676a9bfd406f4acbdf7aed022d262ece999
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
7e86e5ef66a5b5006e64ab717e63d99fc098bde11d81dc86c1872a65a99e6d35
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81
90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f
98091fbd930303d762bac99e29cfb2cb4dc8e99417eae7cc9619bee0b0bbfc06
9a7bf2f9562b8bd9dca77af73c6b60e5ece72a0060439d2d18ce9ba63def1d3f
a37fd3f0d96a08f2bb0a884655f620d523286a4ceffe592fffe41bcc30d48239
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
ca6013c35c9bc40a67c1a948b221a495aac5f48350f2b3fda22f26fb045dd592
dcb93840695b301a1748277b0354f10298e04cd834512d3af2cb17e6ad9ddabb
e01b3c4bdfdd0873c9115d9df47c0628528c8ace960bad3255b175000e13785a
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f30f08084ce92b0b1970d93f068845a6dc6c855f51d722cd4fdd842c2cdd3c76
fd53d212dc016750c318fc053f4ee98d38991b9f4f67d5771ba0ed1ed4cdd7dd
fef7b80a6b7099cf08d8366eaaa34cba4c2a1f2df6c933162a06ea557b570111